Search results
Results from the WOW.Com Content Network
This is especially prevalent for any government work which requires CUI (Controlled Unclassified Information) or above and is required by DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting [4] While private industry may not be required to follow NIST 800-88 standards for data sanitization, it is ...
In 2013 DFARS 252.204-7000 Rule goes into effect which required the protection of sensitive data on non-federal systems. In 2016 DFARS 7012 clause goes into in effect requiring all contract holders to self-assess to meeting the security requirements of NIST SP 800-171.
The Government should make sure there is a release of claims (ROC) clause in the REA's contract modification – FAR / DFARS do not have a sample ROC clause. In the context of FAR Part 12 commercial items, the changes clause requires bilateral agreement. A substantial number of federal cases deal with REAs: