In early 2015 the Federal Chief Information Officers (CIO) Council and the Chief Acquisition Officers (CAO) Council created a working group to review current contract clauses and information technology (IT) acquisition policies and practices around contractor and subcontractor information system security. This interagency group was comprised of senior experts in acquisition, security, and contract management and their recommendations are included in this guidance to Federal agencies on implementing strengthened cybersecurity protections in Federal acquisitions.
The intent of the proposed guidance is to take major steps toward implementing strengthened cybersecurity protections in Federal acquisitions and therefore mitigating the risk of potential incidents in the future. This proposed guidance also describes steps that agencies should take to perform better business due diligence to support risk management throughout the entire lifespan of an outsourced capability.
If you have ideas on how to improve the proposed guidance, you may make line edit suggestions or initiate or contribute to discussions about the content of the guidance. OMB plans to review and incorporate public feedback, as appropriate, to develop final guidance.
Read and provide feedback on the proposed guidance at policy.cio.gov.
We are seeking your feedback and suggestions on this proposed guidance by September 10, 2015.
You may provide feedback in two ways:
The proposed guidance on this page is compiled from Markdown files using Jekyll. To propose a specific change, you can submit a pull request with your change to one of these source Markdown files.
You can also use GitHub's in-browser editing feature to make an edit to one of these Markdown files and submit your change for consideration without needing to install any additional software.
By contributing to this project, you dedicate your work to the public domain and relinquish any copyright claims under the terms of the CC0 Public Domain Dedication. See LICENSE for additional information.
All comments, messages, pull requests, and other submissions received through official White House pages including this GitHub page may be subject to archiving requirements. See the https://www.whitehouse.gov/privacy for more information.
See CONTRIBUTING for additional information.