DFARS 252.204-7020 NIST SP 800-171 DoD Assessment Requirements requires that the DIB contractor provide access to their facilities, systems, and personnel when DoD is conducting a Medium or High NIST SP 800-171 assessment.Summary level scores of these assessments shall be posted in the DoD Supplier Performance Risk System (SPRS). DFARS 252.204-7019 Notice of NIST SP 800-171 DoD Assessment Requirements mandates that the DIB contractor undergo self-assessments that meet the NIST SP 800-171 DoD Assessment Methodology at least every three years.In September 2020, DoD published a DFARS Interim Rule that established three new DFARS requirements and expanded upon the initial DFARS Clause 252.204-7012: All DoD contractors are required to comply with DFARS requirements for adequate security. Defense contractors whose information systems process, store, or transmit covered defense information (CDI) must comply with the Department of Defense (DoD) Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012, which specifies requirements for the protection of controlled unclassified information (CUI) in accordance with NIST SP 800-171, cyber incident reporting obligations, and other considerations for cloud service providers.
0 kommentar(er)
