On September 29, 2020, the Department of Defense (DoD) posted notice of anInterim Rule on the Federal Registerthat impacts every company in the Defense Industrial Base (DIB). The Interim Rule amends the Defense Federal Acquisition Regulation Supplement (DFARS) for DoD contract engagements with res...
An improvement to the current DFARS regulation requiring compliance with NIST SP 800-171 standards, the tiered CMMC system levels the playing field by creating regulations and compliance requirements dependent on business type and industry. The one (least secure) to five (most secure) scale expands ...
By May or June of this year, DoD anticipates releasing a draft DFARS regulation codifying the CMMC process. In June, the Defense Acquisition University will begin offering online courses on CMMC compliance. Also in June, DoD anticipates issuing RFIs for all 10 of the pathfinder ...
*DCISE is also the reporting and analysis hub for the implementation of Title 10 USC Sections 391 and 393 regarding the reporting of certain types of cyber incidents by CDCs and the related Defense Federal Acquisition Regulation Supplement (DFARS 252.204- 7012). **as outlined in Title 32 C...
CUI is information the federal government creates or possesses that a law, regulation or government-wide policy requires—or specifically permits—an agency to handle using safeguarding or dissemination controls. This includes For Official Use Only (FOUO), Personally Identifiable Information (PII), ...
Level 1 represents the requirements needed for DoD contracts that do not involve controlled unclassified information (CUI). Level 2 represents a transitional step to protect CUI. Level 3 governs DoD contracts involving the protection of CUI. Finally, levels 4 and 5 represent the highest levels of...
Impact Level 5 data includes controlled, unclassified information (CUI) that requires a higher level of protection as deemed necessary by the information owner, public law or government regulation. Impact Level 5 data is inclusive of unclassified National Security Systems. More information on t...
That is where DFARS comes in. DFARS stands for Defense Federal Acquisition Regulation Supplement. Any federal contracting with a current contract with the federal government is expected to be DFARS compliant. But what exactly is DFARS compliance?
General Data Protection Regulation (GDPR) Health Insurance Portability and Accountability Act (HIPAA) ISO/IEC 27001 ISO/IEC 27002 JSP 604 (British Gov Cloud) North American Electric Reliability Corporation (NERC) NIST SP 800-171 (Protecting CUI in Nonfederal Systems and Organizatio...