Cybersecurity, Privacy, & AI

Trending Now
Agriculture Department Kicks Off $300M Palantir Deal on IT, National Security Work • Vercel Attack Fallout Expands to More Customers and Third-Party Systems • Seeing the Cyber in Economic Statecraft • Responding to a Data Breach: How to Preserve the Attorney-Client Privilege • NIST Cyber Center to Launch OT ‘Visibility’ Project
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on March 11, 2019 Cyber

DCMA’s Cybersecurity Oversight Takes Shape: Revised CPSR Guidebook Outlines DFARS Safeguarding Clause Audit Standards

The Defense Contract Management Agency has revised its Contractor Purchasing System Review Guidebook to incorporate new standards its auditors will use to assess contractor supply chain management under DFARS.

Contractors are now required to “validate” that their subcontractors have information systems “that can receive and protect” Covered Defense Information and to “determine” whether subcontractor systems are “acceptable.”  Contractors must also demonstrate:

  • How CDI is properly marked and securely transferred to subcontractors;
  • How they manage and document subcontractor notifications regarding requests to vary from the NIST requirements and the submission of cyber incident reports.

These requirements only apply where the subcontractor will be utilized for operationally critical support or performing duties that involve CDI.

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.

© PubKGroup 2024