• Home

  • Documents

  • spars.huntingtoningalls.com · Web viewIf, at any time, your compliance with the DFARS clause is...
2
CERTIFICATION OF SAFEGUARDING COVERED DEFENSE INFORMATION AND CYBER INCIDENT REPORTING You (Seller-offeror) are receiving this certification form because you are expected to receive Covered Defense Information (CDI) subject to the requirements of DFARS 252.204-7012 , Safeguarding Covered Defense Information and Cyber Incident Reporting (the “DFARS clause”), in support of bid and proposal activities of Huntington Ingalls Incorporated (HII). In order to receive CDI, you must agree to handle the CDI in accordance with the requirements of the DFARS clause. If you are selected as a subcontractor to HII under a related U.S. Government prime contract, the subcontract is expected to contain the DFARS clause as a mandatory flow down. The DFARS clause requires that all contractors at every tier under a government prime contract implement “adequate security measures” (as defined in the DFARS clause) to safeguard CDI, which is defined to include unclassified controlled technical information or other information, as described in the Controlled Unclassified Information (CUI) Registry at http://www.archives.gov/cui/registry/category-list.html , that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Government-wide policies. The DFARS clause also requires that contractors and subcontractors report to http://dibnet.dod.mil within 72 hours of discovery certain “cyber incidents” that result in an actual or potentially adverse effect on CDI. To submit such reports, you must acquire and maintain a DoD-approved medium assurance certificate. Information on obtaining a DoD-approved medium assurance certificate is available at: http://iase.disa.mil/pki/eca/Pages/index.aspx . You agree to the following notification requirements as an express condition of receiving CDI from HII: You agree to notify HII in writing when submitting any request to vary from a NIST SP 800-171 security requirement to the Contracting Officer, for consideration by the DoD CIO. If, at any time, your compliance with the DFARS clause is based on implementation of a system security plan (SSP) and/or a plan of action and milestones (POAMs), then any such SSP and/or POAM shall comply with all applicable legal or regulatory requirements, DoD guidance, and/or direction or guidance provided to you or HII from the DoD, a contracting officer(s), or any other relevant authority. You agree to immediately inform HII in writing if, after the date this certification was executed, there is any change in your company’s SBF P9689 (04/17/18) Page 1 of 1 Ingalls Shipbuilding

spars.huntingtoningalls.com · Web viewIf, at any time, your compliance with the DFARS clause is based on implementation of a system security plan (SSP) and/or a plan of action and

  • Upload
    others

  • View
    2

  • Download
    0

Embed Size (px)

Citation preview

Page 1: spars.huntingtoningalls.com · Web viewIf, at any time, your compliance with the DFARS clause is based on implementation of a system security plan (SSP) and/or a plan of action and

CERTIFICATION OF SAFEGUARDING COVERED DEFENSE INFORMATION AND CYBER INCIDENT REPORTING

You (Seller-offeror) are receiving this certification form because you are expected to receive Covered Defense Information (CDI) subject to the requirements of DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (the “DFARS clause”), in support of bid and proposal activities of Huntington Ingalls Incorporated (HII).

In order to receive CDI, you must agree to handle the CDI in accordance with the requirements of the DFARS clause. If you are selected as a subcontractor to HII under a related U.S. Government prime contract, the subcontract is expected to contain the DFARS clause as a mandatory flow down.

The DFARS clause requires that all contractors at every tier under a government prime contract implement “adequate security measures” (as defined in the DFARS clause) to safeguard CDI, which is defined to include unclassified controlled technical information or other information, as described in the Controlled Unclassified Information (CUI) Registry at http://www.archives.gov/cui/registry/category-list.html, that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Government-wide policies.

The DFARS clause also requires that contractors and subcontractors report to http://dibnet.dod.mil within 72 hours of discovery certain “cyber incidents” that result in an actual or potentially adverse effect on CDI. To submit such reports, you must acquire and maintain a DoD-approved medium assurance certificate. Information on obtaining a DoD-approved medium assurance certificate is available at: http://iase.disa.mil/pki/eca/Pages/index.aspx.

You agree to the following notification requirements as an express condition of receiving CDI from HII: You agree to notify HII in writing when submitting any request to vary from a NIST SP 800-171 security

requirement to the Contracting Officer, for consideration by the DoD CIO. If, at any time, your compliance with the DFARS clause is based on implementation of a system security plan

(SSP) and/or a plan of action and milestones (POAMs), then any such SSP and/or POAM shall comply with all applicable legal or regulatory requirements, DoD guidance, and/or direction or guidance provided to you or HII from the DoD, a contracting officer(s), or any other relevant authority.

You agree to immediately inform HII in writing if, after the date this certification was executed, there is any change in your company’s circumstances that causes this certification to be untrue, inaccurate, or misleading.

CERTIFICATION

By the signature of its authorized representative below, Seller-offeror certifies that either (i) it has implemented adequate security as required by the DFARS clause on its information systems that, at a minimum, complies with the security requirements of the current revision to the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, OR (ii) it has implemented an SSP and/or POAM in compliance with all applicable legal and regulatory requirements and DoD guidance. If Seller-offeror is not selected as a subcontractor to perform the work for which it received the CDI, Seller-offeror agrees to dispose/destroy any CDI it received from HII in a manner consistent with the requirements of the DFARS clause.

Company Name of Seller-Offeror      Name of Authorized Representative (Type)

     

Title of Authorized Representative (Type)

     Signature Date

SBF P9689 (04/17/18) Page 1 of 1Ingalls Shipbuilding

http://iase.disa.mil/pki/eca/Pages/index.aspx
http://dibnet.dod.mil/
http://www.archives.gov/cui/registry/category-list.html
http://www.acq.osd.mil/dpap/dars/dfars/html/current/252204.htm

NIST 800-171 Simplifying CUI and DFARS Compliance

NIST 800-171 Simplifying CUI and DFARS Compliance

Government & Nonprofit
Deltek Insight 2011: New DFARS Business Systems Rule & Your Accounting System

Deltek Insight 2011: New DFARS Business Systems Rule & Your Accounting System

Education
Becoming DFARS / NIST Compliant (Cybersecurity)

Becoming DFARS / NIST Compliant (Cybersecurity)

Documents
Comments on DFARS Case 2012-D055 - ERAI

Comments on DFARS Case 2012-D055 - ERAI

Documents
DFARS UPDATE: NDAA 2012 Section 818, Final Rule · 6/17/2014  · DFARS UPDATE: NDAA 2012 Section 818, Final Rule Detection and Avoidance of Counterfeit Electronic Parts Overview

DFARS UPDATE: NDAA 2012 Section 818, Final Rule · 6/17/2014  · DFARS UPDATE: NDAA 2012 Section 818, Final Rule Detection and Avoidance of Counterfeit Electronic Parts Overview

Documents
Counterfeit Parts DFARS 7007/7008 What Does It All Mean?asq.org/asd/2019/04/quality-control/counterfeit...1 Counterfeit Parts DFARS 252.246‐7007/7008 What Does It All Mean? Rick

Counterfeit Parts DFARS 7007/7008 What Does It All Mean?asq.org/asd/2019/04/quality-control/counterfeit...1 Counterfeit Parts DFARS 252.246‐7007/7008 What Does It All Mean? Rick

Documents
Results of the AIA Membership Survey: DFARS …AIA recently released a survey to its members to assess their EOY 2017 readiness to DFARS Cyber Security compliance •Intended to formulate

Results of the AIA Membership Survey: DFARS …AIA recently released a survey to its members to assess their EOY 2017 readiness to DFARS Cyber Security compliance •Intended to formulate

Documents
Accident Prevention/Safety Plan - PennaGroup Plan.pdf · regulation supplement (dfars) subpart 252.223‐7004.....45 d. site sanitation plan (section 02 ... nasa nss 1740.12 (1993

Accident Prevention/Safety Plan - PennaGroup Plan.pdf · regulation supplement (dfars) subpart 252.223‐7004.....45 d. site sanitation plan (section 02 ... nasa nss 1740.12 (1993

Documents
STORY PLAN - Adventist CIRCLEcircle.adventist.org/.../PacificIslandBible_STORYPLAN1-6.doc · Web viewIf a Story Plan needs more time then you are able to plan that way. If you wish

STORY PLAN - Adventist CIRCLEcircle.adventist.org/.../PacificIslandBible_STORYPLAN1-6.doc · Web viewIf a Story Plan needs more time then you are able to plan that way. If you wish

Documents
DFARS Procedures, Guidance, and Information · PGI 208.7002 Assignment authority. ... PGI 208.7004-4 Cutoff dates for submission of Category II MIPRs. DFARS Procedures, Guidance,

DFARS Procedures, Guidance, and Information · PGI 208.7002 Assignment authority. ... PGI 208.7004-4 Cutoff dates for submission of Category II MIPRs. DFARS Procedures, Guidance,

Documents
DFARS Accounting System Reviews - GovCon360govcon360.com/wp-content/uploads/2015/01/ASR-LL-Presentation.pdf · DFARS Accounting System Reviews. AGENDA Assessment ... Used when a company

DFARS Accounting System Reviews - GovCon360govcon360.com/wp-content/uploads/2015/01/ASR-LL-Presentation.pdf · DFARS Accounting System Reviews. AGENDA Assessment ... Used when a company

Documents
DFARS 252.204-7012, NIST 800-171, CDI … and You · DFARS 252.204-7012, NIST 800-171, CDI … and You • Overview

DFARS 252.204-7012, NIST 800-171, CDI … and You · DFARS 252.204-7012, NIST 800-171, CDI … and You • Overview

Documents
Terms and Conditions and FAR and DFARS ... - General … · Terms and Conditions and FAR and DFARS Flowdown Provisions for Purchase Orders for Non-Commercial Items Under U.S. Government

Terms and Conditions and FAR and DFARS ... - General … · Terms and Conditions and FAR and DFARS Flowdown Provisions for Purchase Orders for Non-Commercial Items Under U.S. Government

Documents
Overview of DFARS Case 2009-D008 Presented By: Tom Ruckdaschel July 2011

Overview of DFARS Case 2009-D008 Presented By: Tom Ruckdaschel July 2011

Documents
DFARS Procedures, Guidance, and Information€¦ · DFARS Procedures, Guidance, and Information P GI 204—Administrative Matters 2004 EDITION 204.6-2 (B) If the issue is an obvious

DFARS Procedures, Guidance, and Information€¦ · DFARS Procedures, Guidance, and Information P GI 204—Administrative Matters 2004 EDITION 204.6-2 (B) If the issue is an obvious

Documents
BAE Systems, Inc. DFARS Cybersecurity Compliance Program ...€¦ · • All BAE Systems Terms and Condition statements have been modified to included the new DFARS requirement, when

BAE Systems, Inc. DFARS Cybersecurity Compliance Program ...€¦ · • All BAE Systems Terms and Condition statements have been modified to included the new DFARS requirement, when

Documents
MATLAB Object-Oriented Programming › attachments › download › 259 › matlab_oop.pdfor defined in FAR 12.212, DFARS Part 227.72, and DFARS 252.227-7014. Accordingly, the terms

MATLAB Object-Oriented Programming › attachments › download › 259 › matlab_oop.pdfor defined in FAR 12.212, DFARS Part 227.72, and DFARS 252.227-7014. Accordingly, the terms

Documents
Ethiopian world Federation, Incorporated, The FAR DFARS ORCA Record

Ethiopian world Federation, Incorporated, The FAR DFARS ORCA Record

Documents
Programmable DC Power Supply - Cloudinaryg...2017/01/06  · data), 12.212 (computer software). DFARS 252.227-7015 (technical data--commercial products) for national defense and DFARS

Programmable DC Power Supply - Cloudinaryg...2017/01/06  · data), 12.212 (computer software). DFARS 252.227-7015 (technical data--commercial products) for national defense and DFARS

Documents
The Essential Roadmap to DFARS Compliance

The Essential Roadmap to DFARS Compliance

Technology
DFARS, System Security Plan & POA&M...DFARS, System Security Plan & POA&M Michael G. Semmens, P.E. President, Imprimis, Inc. (i2) Chairman, National Cyber Exchange (NCX) DFARS 204.73

DFARS, System Security Plan & POA&M...DFARS, System Security Plan & POA&M Michael G. Semmens, P.E. President, Imprimis, Inc. (i2) Chairman, National Cyber Exchange (NCX) DFARS 204.73

Documents
Supply Chain Security: DFARS Detection & Avoidance of

Supply Chain Security: DFARS Detection & Avoidance of

Documents
SPM300-13-R-0040 Page 1 of 98 · SPM300-13-R-0040 Page 4 of 98 DFARS 252.212-7000 Offeror Representations and Certifications --Commercial Items (June 2005).....94 DFARS 252.225-7000

SPM300-13-R-0040 Page 1 of 98 · SPM300-13-R-0040 Page 4 of 98 DFARS 252.212-7000 Offeror Representations and Certifications --Commercial Items (June 2005).....94 DFARS 252.225-7000

Documents
NIST 800-171, DFARS - Florida Industrial Security Working ...fiswg.research.ucf.edu/Documents/PDF/Protecting CUI and NIST-800... · nist 800-171, dfars responsibilities for defense

NIST 800-171, DFARS - Florida Industrial Security Working ...fiswg.research.ucf.edu/Documents/PDF/Protecting CUI and NIST-800... · nist 800-171, dfars responsibilities for defense

Documents
DFARS Clause 252.204-7012, Safeguarding Covered Defense ...Safeguarding Covered Defense Information and Cyber Incident Reporting 48 CFR Parts 202, 204, 212, and 252, DFARS Clause 252.204-7012

DFARS Clause 252.204-7012, Safeguarding Covered Defense ...Safeguarding Covered Defense Information and Cyber Incident Reporting 48 CFR Parts 202, 204, 212, and 252, DFARS Clause 252.204-7012

Documents
DFARS 252.204‐7012 -- SAFEGUARDING COVERED DEFENSE ... · Covered Defense Information ̶Term used to identify information that requires protection under DFARS Clause 252.204-7012

DFARS 252.204‐7012 -- SAFEGUARDING COVERED DEFENSE ... · Covered Defense Information ̶Term used to identify information that requires protection under DFARS Clause 252.204-7012

Documents
State Plan for the State Vocational Rehabilitation …dbs.myflorida.com/Leadership/State-Plan/State-Plan-2015.docx · Web viewIf the designated state agency is not primarily concerned

State Plan for the State Vocational Rehabilitation …dbs.myflorida.com/Leadership/State-Plan/State-Plan-2015.docx · Web viewIf the designated state agency is not primarily concerned

Documents
Guide to Iraq Implementation of DFARS 252 - CO's Guide to... · Web viewPart II – Guide to Iraq/Afghanistan Implementation of DFARS 252.225-7040 Part III - DFARS Deviation 2007-O0010:

Guide to Iraq Implementation of DFARS 252 - CO's Guide to... · Web viewPart II – Guide to Iraq/Afghanistan Implementation of DFARS 252.225-7040 Part III - DFARS Deviation 2007-O0010:

Documents
FAR DFARS NASA Supplemental Contract Terms Conditions

FAR DFARS NASA Supplemental Contract Terms Conditions

Documents
INTEGRATING DFARS REQUIREMENTS INTO YOUR DAY-TO-DAY … · integrating dfars requirements into your day-to-day cyber practices (cyber security series part 2 of 5) acquisition hour

INTEGRATING DFARS REQUIREMENTS INTO YOUR DAY-TO-DAY … · integrating dfars requirements into your day-to-day cyber practices (cyber security series part 2 of 5) acquisition hour

Documents