In the event that you have a contract with the department of defense, you will be required to observe the defense federal acquisition regulation supplement clauses that are in the contracts. Before we go through DFARS in details, it is a good idea to know what it is all about; it refers to the set of instructions that are set to govern the federal government in its acquisition of goods and services. Anytime you have a contract with the federal government, it is best to observe all the clauses of DFARS failure to which can result in the termination of the contract. The other effect of failing to observe DFARS clauses involves loosing of work. When you have a contract with the federal government, you need to beware of the DFARS clauses especially the one that defines cybersecurity standards. Contracotrs that want to observe the cybersecurity standards clause need to ensure that they have implemented the requirements identified in the National Institute of Science and Technology Special Publication 800-171.
It is common to find that in the course of their contracts with the government, contractors tend to be in possession of non-classified information for which the federal government regulations need safeguarding. The main concern for the federal government is to ensure that the people are protected, therefore, the non-classified information need to be protected for national security. As much as the information may not pose security issues to the country, disclosing it can damage a person or an entity who owns that information.
Though the worst thing that can happen to a contractor in the event of noncompliance is loss of contract, the contracting officer must first determine the action to be taken. In the event of contract that involve controlled unclassified information, attestation of compliance is a prerequisite for submitting bids for future DOD contracts. It is the role of small contractors who are subcontractors to the prime contractors to expect their primes to be vigilant on ensuring their compliance.
On the other hand, smaller contractors, the challenge they encounter is on how to find a compliance strategy for the rules. It is worth noting that according to the rules, the contractors need to have adequate security covered on their information systems.
Now that you understand what DFARS is all about, it is of utmost importance for contractors to know the questions they need to ask when getting into a contract with the federal government. Before you decide to enter into contract with a government, it is best to be sure of the constituents of DFARS compliance. While looking for answers to the questions, contractors need to describe how they have implemented the special publications. Anytime a contractor wants to get into a contract with a federal government, they need to ensure that they have all the information they need to know about DFARS compliance which can be found in this post.