ARCHIVED CONTENT
You are viewing ARCHIVED CONTENT released online between 1 April 2010 and 24 August 2018 or content that has been selectively archived and is no longer active. Content in this archive is NOT UPDATED, and links may not function.By William Wagner
Today’s post provides a compliance checklist for contracting for cloud services regulations relating to the new DoD cyber security regulations and also details the ramifications for failure to comply to the regulations.
- Advise the Contracting Officer if you will use cloud computing to provide information technology services in the performance of the contract. If you decide to later propose to use cloud computing services, obtain written approval to do so by the Contracting Officer prior to utilizing cloud computing services in performance of the contract. (Source: DFARS 252.239-7010(b)(1)
- Implement and maintain administrative, technical, and physical safeguards and controls with the security level and services required in accordance with the Cloud Computing Security Requirements Guide (SRG) version in effect at the time the solicitation is issued or as authorized by the Contracting Officer. (You can find the SRG here.) (Source: DFARS 252.239-7010(b)(2)