External Link Disclaimer

This hyperlink does not constitute endorsement by the U.S. Navy of non-U.S. Government sites or the information, products, or services contained therein. Although the U.S. Navy may or may not use these sites as additional distribution channels for Department of Defense information, it does not exercise editorial control over all of the information that you may find at these locations. Such links are provided consistent with the stated purpose of this website.

Class Deviation 2016- O0001 Safeguarding Covered Defense Information and Cyber Incident Reporting (10/08/2015)

Reference:  DPAP Memo, 10/08/2015 - http://www.acq.osd.mil/dpap/policy/policyvault/USA005505-15-DPAP.pdf

Summary:  Effective immediately, contracting officers shall use the provision 252.204-7008 Compliance with Safeguarding Covered Defense Information Controls (DEVIATION 2016-O0001)(OCT 2015) and clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (DEVIATION 2016-O0001)(OCT 2015) in lieu of the provision at DFARS 252.204-7008 and the clause at DFARS 252.204-7012.  This deviation allows offerors up to nine (9) months, after contract award to comply with the derived security requirement 3.5.3 "Use of multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts" within NIST special publication 800-171.  Offerors must notify the contracting office if the additional time for compliance will be necessary.  Further details are provided within the deviation.

POC: 703-614-9641

Contact Us!

Special Assistant for Public Affairs
Office of the Assistant Secretary of the Navy for Research, Development & Acquisition
1000 Navy Pentagon 4C656,
Washington, DC 20350

Office Contact:
Email: webmaster_navyaos@navy.mil

Contact the Webmaster

This is an official U.S. Navy website
Contact the Webmaster - Please read our Privacy Policy Notice - No FEAR Act - Section 508