Safeguarding of Contractor Information Systems Expands Beyond DFARS 252-204.7012

By Eric Noonan • June 1, 2016

 * This is the first in a multi-part series on the new FARS 4.19 clause.

Recently, the US Government issued a final rule to the Federal Acquisition Regulations (FAR) to “add a new subpart and contract clause for the basic safeguarding of contractor information systems that process, store, or transmit Federal contract information”.  This is a new mandatory regulation, similar to the requirements established by the US Department of Defense with the Defense Federal Acquisition Regulation Supplement (DFARS).

On May 16, 2016, the final FAR ruling was issued, 48 C.F.R. Part 4.19 establishing minimum safeguarding requirements for federal contractor information systems and expressly provide that Federal agencies and departments may impose additional specific requirements.  The new FAR regulation goes into effect on June 16, 2016.  DoD, as mentioned in previous blogs has already amended its regulations to require covered contractors to comply with DFARS 252.204-7012. The new FAR 4.19 clause applies to all federal contractor information systems that are owned or operated by a contractor that processes, stores, or transmits Federal contract information.  While the new regulation does not require compliance with any specific NIST standards, unlike the DFARS regulation that requires NIST SP 800-171 compliance, the new regulation lists many of the same 14 control families detailed in 800-171.

CyberSheath can help you meet your compliance objectives and requirements, contact us today.

CyberSheath Blog

CyberSheath Opens Registration For CMMC CON 2022

RESTON, Va. — June 8, 2022 — Federal contractors have been searching for direction after seeing a flood of messaging about the future of Cybersecurity Maturity Model Certification (CMMC). The nation’s largest CMMC conference has returned to help contractors navigate their course through the evolving compliance landscape.   Hosted by…

5 Reasons to Partner with CyberSheath

The threat landscape is only becoming more complex. Offload the responsibility of navigating cybersecurity issues for your customers by taking advantage of CyberSheath’s new Partner Program.   As a pioneer and industry leader in the managed security service provider space, our new offering helps you achieve rapid results and deliver…

CMMC Compliance Training: How to Earn Your Black Belt

Contractors in the Defense Industrial Base (DIB) are looking for direction as Cybersecurity Maturity Model Certification (CMMC) 2.0 nears. Compliance with CMMC and Defense Federal Acquisition Regulation Supplement (DFARS) is your key to doing business with the Department of Defense (DoD) and we can help you navigate those requirements and…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO