法律人 LawPlayer logo

資料由法律人 LawPlayer整理提供·U.S. federal law / curated by LawPlayer from GPO govinfo & eCFR

CFR Regulation

SOLICITATION PROVISIONS AND CONTRACT CLAUSES

Citation
48 CFR Part 252
Current through
Sections
348
§ 252.101252.101 Using part 252.

(b) Numbering. (2) Provisions or clauses that supplement the FAR.

(ii)(B) DFARS provisions or clauses use a four digit sequential number in the 7000 series, e.g., -7000, -7001, -7002. Department or agency supplemental provisions or clauses use four digit sequential numbers in the 9000 series.

§ 252.103252.103 Identification of provisions and clauses.

For guidance on numbering department or agency provisions and clauses, see PGI 252.103.

§ 252.201-7000252.201-7000 Contracting officer's representative.

As prescribed in 201.602-70, use the following clause:

Contracting Officer's Representative (DEC 1991)

(a) Definition. Contracting officer's representative means an individual designated in accordance with subsection 201.602-2 of the Defense Federal Acquisition Regulation Supplement and authorized in writing by the contracting officer to perform specific technical or administrative functions.

(b) If the Contracting Officer designates a contracting officer's representative (COR), the Contractor will receive a copy of the written designation. It will specify the extent of the COR's authority to act on behalf of the contracting officer. The COR is not authorized to make any commitments or changes that will affect price, quality, quantity, delivery, or any other term or condition of the contract.

(End of clause)

§ 252.203-7000252.203-7000 Requirements Relating to Compensation of Former DoD Officials.

As prescribed in 203.171-4(a), use the following clause:

Requirements Relating to Compensation of Former DoD Officials (SEP 2011)

(a) Definition. Covered DoD official, as used in this clause, means an individual that—

(1) Leaves or left DoD service on or after January 28, 2008; and

(2)(i) Participated personally and substantially in an acquisition as defined in 41 U.S.C. 131 with a value in excess of $10 million, and serves or served—

(A) In an Executive Schedule position under subchapter II of chapter 53 of Title 5, United States Code;

(B) In a position in the Senior Executive Service under subchapter VIII of chapter 53 of Title 5, United States Code; or

(C) In a general or flag officer position compensated at a rate of pay for grade O-7 or above under section 201 of Title 37, United States Code; or

(ii) Serves or served in DoD in one of the following positions: Program manager, deputy program manager, procuring contracting officer, administrative contracting officer, source selection authority, member of the source selection evaluation board, or chief of a financial or technical evaluation team for a contract in an amount in excess of $10 million.

(b) The Contractor shall not knowingly provide compensation to a covered DoD official within 2 years after the official leaves DoD service, without first determining that the official has sought and received, or has not received after 30 days of seeking, a written opinion from the appropriate DoD ethics counselor regarding the applicability of post-employment restrictions to the activities that the official is expected to undertake on behalf of the Contractor.

(c) Failure by the Contractor to comply with paragraph (b) of this clause may subject the Contractor to rescission of this contract, suspension, or debarment in accordance with 41 U.S.C. 2105(c).

(End of clause)

§ 252.203-7001252.203-7001 Prohibition on Persons Convicted of Fraud or Other Defense-Contract-Related Felonies.

As prescribed in 203.570-3, use the following clause:

Prohibition on Persons Convicted of Fraud or Other Defense-Contract-Related Felonies (JAN 2023)

(a) Definitions. As used in this clause—

(1) Arising out of a contract with the DoD means any act in connection with—

(i) Attempting to obtain;

(ii) Obtaining; or

(iii) Performing a contract or first-tier subcontract of any agency, department, or component of the Department of Defense (DoD).

(2) Conviction of fraud or any other felony means any conviction for fraud or a felony in violation of state or Federal criminal statutes, whether entered on a verdict or plea, including a plea of nolo contendere, for which sentence has been imposed.

(3) Date of conviction means the date judgment was entered against the individual.

(b) Any individual who is convicted after September 29, 1988, of fraud or any other felony arising out of a contract with the DoD is prohibited from serving—

(1) In a management or supervisory capacity on this contract;

(2) On the board of directors of the Contractor;

(3) As a consultant, agent, or representative for the Contractor; or

(4) In any other capacity with the authority to influence, advise, or control the decisions of the Contractor with regard to this contract.

(c) Unless waived, the prohibition in paragraph (b) of this clause applies for not less than 5 years from the date of conviction.

(d) 10 U.S.C. 4656 provides that the Contractor shall be subject to a criminal penalty of not more than $500,000 if convicted of knowingly—

(1) Employing a person under a prohibition specified in paragraph (b) of this clause; or

(2) Allowing such a person to serve on the board of directors of the contractor or first-tier subcontractor.

(e) In addition to the criminal penalties contained in 10 U.S.C. 4656, the Government may consider other available remedies, such as—

(1) Suspension or debarment;

(2) Cancellation of the contract at no cost to the Government; or

(3) Termination of the contract for default.

(f) The Contractor may submit written requests for waiver of the prohibition in paragraph (b) of this clause to the Contracting Officer. Requests shall clearly identify—

(1) The person involved;

(2) The nature of the conviction and resultant sentence or punishment imposed;

(3) The reasons for the requested waiver; and

(4) An explanation of why a waiver is in the interest of national security.

(g) Subcontracts. The Contractor agrees to include the substance of this clause, appropriately modified to reflect the identity and relationship of the parties, in all first-tier subcontracts exceeding the simplified acquisition threshold in part 2 of the Federal Acquisition Regulation, except those for commercial products, commercial services, or commercial components.

(h) Pursuant to 10 U.S.C. 4656(c), defense contractors and subcontractors may obtain information as to whether a particular person has been convicted of fraud or any other felony arising out of a contract with the DoD by contacting The Office of Justice Programs, The Denial of Federal Benefits Office, U.S. Department of Justice, telephone (301) 937-1542; www.ojp.usdoj.gov/BJA/grant/DPFC.html.

(End of clause)

§ 252.203-7002252.203-7002 Requirement to Inform Employees of Whistleblower Rights.

As prescribed in 203.970, use the following clause:

Requirement To Inform Employees of Whistleblower Rights (DEC 2022)

(a) The Contractor shall inform its employees in writing, in the predominant native language of the workforce, of contractor employee whistleblower rights and protections under 10 U.S.C. 4701, as described in subpart 203.9 of the Defense Federal Acquisition Regulation Supplement.

(b) The Contractor shall include the substance of this clause, including this paragraph (b), in all subcontracts.

(End of clause)

§ 252.203-7003252.203-7003 Agency Office of the Inspector General.

As prescribed in 203.1004(a), use the following clause:

Agency Office of the Inspector General (AUG 2019)

The agency office of the Inspector General referenced in paragraphs (c) and (d) of FAR clause 52.203-13, Contractor Code of Business Ethics and Conduct, is the DoD Office of Inspector General at the following address:

Department of Defense Office of Inspector General, Administrative Investigations, Contractor Disclosure Program, 4800 Mark Center Drive, Suite 14L25, Alexandria, VA 22350-1500.

Toll Free Telephone: 866-429-8011. Website: https://www.dodig.mil/Programs/Contractor-Disclosure-Program/.

(End of clause)

§ 252.203-7004252.203-7004 Display of Hotline Posters.

As prescribed in 203.1004(b)(2)(ii), use the following clause:

Display of Hotline Posters (JAN 2023)

(a) Definition. As used in this clause—

United States means the 50 States, the District of Columbia, and outlying areas.

(b) Display of hotline poster(s). (1)(i) The Contractor shall display prominently the DoD fraud, waste, and abuse hotline poster prepared by the DoD Office of the Inspector General, in effect at time of contract award, in common work areas within business segments performing work under Department of Defense (DoD) contracts.

(ii) For contracts performed outside the United States, when security concerns can be appropriately demonstrated, the contracting officer may provide the contractor the option to publicize the program to contractor personnel in a manner other than public display of the poster, such as private employee written instructions and briefings.

(2) If the contract is funded, in whole or in part, by Department of Homeland Security (DHS) disaster relief funds and the work is to be performed in the United States, the DHS fraud hotline poster shall be displayed in addition to the DoD hotline poster. If a display of a DHS fraud hotline poster is required, the Contractor may obtain such poster from—

(i) DHS Office of Inspector General/MAIL STOP 0305, Attn: Office of Investigations—Hotline, 245 Murray Lane SW., Washington, DC 20528-0305; or

(ii) Via the Internet at https://www.oig.dhs.gov/assets/Hotline/DHS_OIG_Hotline-optimized.jpg.

(c)(1) These DoD hotline poster may be obtained from: Defense Hotline, The Pentagon, Washington, DC 20301-1900, or is also available via the internet at https://www.dodig.mil/Resources/Posters-and-Brochures/.

(2) If a significant portion of the employee workforce does not speak English, then the poster is to be displayed in the foreign languages that a significant portion of the employees speak.

(3) Additionally, if the Contractor maintains a company Web site as a method of providing information to employees, the Contractor shall display an electronic version of the required poster at the Web site.

(d) Subcontracts. The Contractor shall include the substance of this clause, including this paragraph (d), in all subcontracts that exceed the threshold specified in Defense Federal Acquisition Regulation Supplement 203.1004(b)(2)(ii) on the date of subcontract award, except when the subcontract is for the acquisition of a commercial product or commercial service.

(End of clause)

§ 252.203-7005252.203-7005 Representation Relating to Compensation of Former DoD Officials.

As prescribed in 203.171-4(b), insert the following provision:

Representation Relating to Compensation of Former DOD Officials (Sep 2022)

(a) Definition. Covered DoD official is defined in the clause at 252.203-7000, Requirements Relating to Compensation of Former DoD Officials.

(b) By submission of this offer, the Offeror represents, to the best of its knowledge and belief, that all covered DoD officials employed by or otherwise receiving compensation from the Offeror, and who are expected to undertake activities on behalf of the Offeror for any resulting contract, are presently in compliance with all applicable post-employment restrictions, including those contained in 18 U.S.C. 207, 41 U.S.C. 2101-2107, 5 CFR part 2641, section 1045 of the National Defense Authorization Act for Fiscal Year 2018 (Pub. L. 115-91), and Federal Acquisition Regulation 3.104-2.

(End of provision)

§ 252.204-7000252.204-7000 Disclosure of information.

As prescribed in 204.404-70(a), use the following clause:

Disclosure of Information (OCT 2016)

(a) The Contractor shall not release to anyone outside the Contractor's organization any unclassified information, regardless of medium (e.g., film, tape, document), pertaining to any part of this contract or any program related to this contract, unless—

(1) The Contracting Officer has given prior written approval;

(2) The information is otherwise in the public domain before the date of release; or

(3) The information results from or arises during the performance of a project that involves no covered defense information (as defined in the clause at DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting) and has been scoped and negotiated by the contracting activity with the contractor and research performer and determined in writing by the contracting officer to be fundamental research (which by definition cannot involve any covered defense information), in accordance with National Security Decision Directive 189, National Policy on the Transfer of Scientific, Technical and Engineering Information, in effect on the date of contract award and the Under Secretary of Defense (Acquisition, Technology, and Logistics) memoranda on Fundamental Research, dated May 24, 2010, and on Contracted Fundamental Research, dated June 26, 2008 (available at DFARS PGI 204.4).

(b) Requests for approval under paragraph (a)(1) shall identify the specific information to be released, the medium to be used, and the purpose for the release. The Contractor shall submit its request to the Contracting Officer at least 10 business days before the proposed date for release.

(c) The Contractor agrees to include a similar requirement, including this paragraph (c), in each subcontract under this contract. Subcontractors shall submit requests for authorization to release through the prime contractor to the Contracting Officer.

(End of clause)

§ 252.204-7002252.204-7002 Payment for Contract Line or Subline Items Not Separately Priced.

As prescribed in 204.7109(a), use the following clause:

Payment for Contract Line or Subline Items Not Separately Priced (APR 2020)

(a) If the schedule in this contract contains any contract line or subline items identified as not separately priced (NSP), it means that the unit price for the NSP line or subline item is included in the unit price of another, related line or subline item.

(b) The Contractor shall not invoice the Government for an item that includes in its price an NSP item until—

(1) The Contractor has also delivered the NSP item included in the price of the item being invoiced; and

(2) The Government has accepted the NSP item.

(c) This clause does not apply to technical data.

(End of clause)

§ 252.204-7003252.204-7003 Control of government personnel work product.

As prescribed in 204.404-70(b), use the following clause:

Control of Government Personnel Work Product (APR 1992)

The Contractor's procedures for protecting against unauthorized disclosure of information shall not require Department of Defense employees or members of the Armed Forces to relinquish control of their work products, whether classified or not, to the contractor.

(End of clause)

§ 252.204-7004252.204-7004 Antiterrorism Awareness Training for Contractors.

As prescribed in 204.7203, use the following clause:

Antiterrorism Awareness Training for Contractors (JAN 2023)

(a) Definition. As used in this clause—

Military installation means a base, camp, post, station, yard, center, or other activity under the jurisdiction of the Secretary of a military department or, in the case of an activity in a foreign country, under the operational control of the Secretary of a military department or the Secretary of Defense (see 10 U.S.C. 2801(c)(4)).

(b) Training. Contractor personnel who require routine physical access to a Federally-controlled facility or military installation shall complete Level I antiterrorism awareness training within 30 days of requiring access and annually thereafter. In accordance with Department of Defense Instruction O-2000.16 Volume 1, DoD Antiterrorism (AT) Program Implementation: DoD AT Standards, Level I antiterrorism awareness training shall be completed—

(1) Through a DoD-sponsored and certified computer or web-based distance learning instruction for Level I antiterrorism awareness; or

(2) Under the instruction of a Level I antiterrorism awareness instructor.

(c) Additional information. Information and guidance pertaining to DoD antiterrorism awareness training is available at https://jko.jten.mil/ or as otherwise identified in the performance work statement.

(d) Subcontracts. The Contractor shall include the substance of this clause, including this paragraph (d), in subcontracts, including subcontracts for commercial products and commercial services, when subcontractor performance requires routine physical access to a Federally-controlled facility or military installation.

(End of clause)

§ 252.204-7006252.204-7006 Billing Instructions—Cost Vouchers.

As prescribed in 204.7109(b), use the following clause:

Billing Instructions—Cost Vouchers (MAY 2023)

When submitting a request for payment using a cost voucher, the Contractor shall—

(a) Identify the contract line item(s) on the payment request that reasonably reflect contract work performance; and

(b) Separately identify a payment amount for each contract line item included in the payment request.

(End of clause)

§ 252.204-7007252.204-7007 Alternate A, Annual Representations and Certifications.

As prescribed in 204.1202, use the following provision:

Alternate A, Annual Representations and Certifications (OCT 2025)

Substitute the following paragraphs (b), (d), and (e) for paragraphs (b) and (d) of the provision at FAR 52.204-8:

(b)(1) If the provision at FAR 52.204-7, System for Award Management, is included in this solicitation, paragraph (e) of this provision applies.

(2) If the provision at FAR 52.204-7, System for Award Management, is not included in this solicitation, and the Offeror has an active registration in the System for Award Management (SAM), the Offeror may choose to use paragraph (e) of this provision instead of completing the corresponding individual representations and certifications in the solicitation. The Offeror shall indicate which option applies by checking one of the following boxes:

____ (i) Paragraph (e) applies.

____ (ii) Paragraph (e) does not apply and the Offeror has completed the individual representations and certifications in the solicitation.

(d)(1) The following representations or certifications in the SAM database are applicable to this solicitation as indicated:

(i) 252.204-7016, Covered Defense Telecommunications Equipment or Services—Representation. Applies to all solicitations.

(ii) 252.216-7008, Economic Price Adjustment—Wage Rates or Material Prices Controlled by a Foreign Government. Applies to solicitations for fixed-price supply and service contracts when the contract is to be performed wholly or in part in a foreign country, and a foreign government controls wage rates or material prices and may during contract performance impose a mandatory change in wages or prices of materials.

(iii) 252.225-7042, Authorization to Perform. Applies to all solicitations when performance will be wholly or in part in a foreign country.

(iv) 252.225-7049, Prohibition on Acquisition of Certain Foreign Commercial Satellite Services—Representations. Applies to solicitations for the acquisition of commercial satellite services.

(v) 252.225-7050, Disclosure of Ownership or Control by the Government of a Country that is a State Sponsor of Terrorism. Applies to all solicitations expected to result in contracts of $200,000 or more.

(vi) 252.229-7012, Tax Exemptions (Italy)—Representation. Applies to solicitations when contract performance will be in Italy.

(vii) 252.229-7013, Tax Exemptions (Spain)—Representation. Applies to solicitations when contract performance will be in Spain.

(2) The following representations or certifications in SAM are applicable to this solicitation as indicated by the Contracting Officer: [ Contracting Officer check as appropriate. ]

____(i) 252.209-7002, Disclosure of Ownership or Control by a Foreign Government.

____(ii) 252.225-7000, Buy American—Balance of Payments Program Certificate.

____(iii) 252.225-7020, Trade Agreements Certificate.

____Use with Alternate I.

____(iv) 252.225-7031, Secondary Arab Boycott of Israel.

____(v) 252.225-7035, Buy American—Free Trade Agreements—Balance of Payments Program Certificate.

____Use with Alternate I.

____Use with Alternate II.

____Use with Alternate III.

____Use with Alternate IV.

____Use with Alternate V.

____ (vi) 252.226-7002, Representation for Demonstration Project for Contractors Employing Persons with Disabilities.

____ (vii) 252.232-7015, Performance-Based Payments—Representation.

(e) The Offeror has completed the annual representations and certifications electronically via the SAM website at https://www.sam.gov After reviewing the SAM database information, the Offeror verifies by submission of the offer that the representations and certifications currently posted electronically that apply to this solicitation as indicated in FAR 52.204-8(c) and paragraph (d) of this provision have been entered or updated within the last 12 months, are current, accurate, complete, and applicable to this solicitation (including the business size standard applicable to the NAICS code referenced for this solicitation), as of the date of this offer, and are incorporated in this offer by reference (see FAR 4.1201); except for the changes identified below [ Offeror to insert changes, identifying change by provision number, title, date ]. These amended representation(s) and/or certification(s) are also incorporated in this offer and are current, accurate, and complete as of the date of this offer.

FAR/DFARS provision No.

Title

Date

Change

Any changes provided by the Offeror are applicable to this solicitation only, and do not result in an update to the representations and certifications located in the SAM database.

(End of provision)

§ 252.204-7008252.204-7008 Compliance with safeguarding covered defense information controls.

As prescribed in 204.7304(a), use the following provision:

Compliance With Safeguarding Covered Defense Information Controls (OCT 2016)

(a) Definitions. As used in this provision—

Controlled technical information, covered contractor information system, covered defense information, cyber incident, information system, and technical information are defined in clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.

(b) The security requirements required by contract clause 252.204-7012, shall be implemented for all covered defense information on all covered contractor information systems that support the performance of this contract.

(c) For covered contractor information systems that are not part of an information technology service or system operated on behalf of the Government (see 252.204-7012(b)(2))—

(1) By submission of this offer, the Offeror represents that it will implement the security requirements specified by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (see http://dx.doi.org/10.6028/NIST.SP.800-171 )that are in effect at the time the solicitation is issued or as authorized by the contracting officer, not later than December 31, 2017.

(2)(i) If the Offeror proposes to vary from any of the security requirements specified by NIST SP 800-171 that are in effect at the time the solicitation is issued or as authorized by the Contracting Officer, the Offeror shall submit to the Contracting Officer, for consideration by the DoD Chief Information Officer (CIO), a written explanation of—

(A) Why a particular security requirement is not applicable; or

(B) How an alternative but equally effective, security measure is used to compensate for the inability to satisfy a particular requirement and achieve equivalent protection.

(ii) An authorized representative of the DoD CIO will adjudicate offeror requests to vary from NIST SP 800-171 requirements in writing prior to contract award. Any accepted variance from NIST SP 800-171 shall be incorporated into the resulting contract.

(End of provision)

§ 252.204-7009252.204-7009 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

As prescribed in 204.7304(b), use the following clause:

Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information (JAN 2023)

(a) Definitions. As used in this clause—

Compromise means disclosure of information to unauthorized persons, or a violation of the security policy of a system, in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object, or the copying of information to unauthorized media may have occurred.

Controlled technical information means technical information with military or space application that is subject to controls on the access, use, reproduction, modification, performance, display, release, disclosure, or dissemination. Controlled technical information would meet the criteria, if disseminated, for distribution statements B through F using the criteria set forth in DoD Instruction 5230.24, Distribution Statements on Technical Documents. The term does not include information that is lawfully publicly available without restrictions.

Covered defense information means unclassified controlled technical information or other information (as described in the Controlled Unclassified Information (CUI) Registry at http://www.archives.gov/cui/registry/category-list.html ) that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Governmentwide policies, and is—

(1) Marked or otherwise identified in the contract, task order, or delivery order and provided to the contractor by or on behalf of DoD in support of the performance of the contract; or

(2) Collected, developed, received, transmitted, used, or stored by or on behalf of the contractor in support of the performance of the contract.

Cyber incident means actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein.

Information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Media means physical devices or writing surfaces including, but is not limited to, magnetic tapes, optical disks, magnetic disks, large-scale integration memory chips, and printouts onto which covered defense information is recorded, stored, or printed within a covered contractor information system.

Technical information means technical data or computer software, as those terms are defined in the clause at DFARS 252.227-7013, Rights in Technical Data—Other Than Commercial Products and Commercial Services, regardless of whether or not the clause is incorporated in this solicitation or contract. Examples of technical information include research and engineering data, engineering drawings, and associated lists, specifications, standards, process sheets, manuals, technical reports, technical orders, catalog-item identifications, data sets, studies and analyses and related information, and computer software executable code and source code.

(b) Restrictions. The Contractor agrees that the following conditions apply to any information it receives or creates in the performance of this contract that is information obtained from a third-party's reporting of a cyber incident pursuant to DFARS clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (or derived from such information obtained under that clause):

(1) The Contractor shall access and use the information only for the purpose of furnishing advice or technical assistance directly to the Government in support of the Government's activities related to clause 252.204-7012, and shall not be used for any other purpose.

(2) The Contractor shall protect the information against unauthorized release or disclosure.

(3) The Contractor shall ensure that its employees are subject to use and non-disclosure obligations consistent with this clause prior to the employees being provided access to or use of the information.

(4) The third-party contractor that reported the cyber incident is a third-party beneficiary of the non-disclosure agreement between the Government and Contractor, as required by paragraph (b)(3) of this clause.

(5) A breach of these obligations or restrictions may subject the Contractor to—

(i) Criminal, civil, administrative, and contractual actions in law and equity for penalties, damages, and other appropriate remedies by the United States; and

(ii) Civil actions for damages and other appropriate remedies by the third party that reported the cyber incident, as a third party beneficiary of this clause.

(c) Subcontracts. The Contractor shall include this clause, including this paragraph (c), in subcontracts, or similar contractual instruments, for services that include support for the Government's activities related to safeguarding covered defense information and cyber incident reporting, including subcontracts for commercial products and commercial services, without alteration, except to identify the parties.

(End of clause)

§ 252.204-7010252.204-7010 Requirement for Contractor To Notify DoD if the Contractor's Activities are Subject to Reporting Under the U.S.-International Atomic Energy Agency Additional Protocol.

As prescribed in 204.470-3, use the following clause:

Requirement for Contractor To Notify DoD if the Contractor's Activities Are Subject to Reporting Under the U.S.-International Atomic Energy Agency Additional Protocol (JAN 2009)

(a) If the Contractor is required to report any of its activities in accordance with Department of Commerce regulations (15 CFR part 781 et seq. ) or Nuclear Regulatory Commission regulations (10 CFR part 75) in order to implement the declarations required by the U.S.-International Atomic Energy Agency Additional Protocol (U.S.-IAEA AP), the Contractor shall—

(1) Immediately provide written notification to the following DoD Program Manager:

[Contracting Officer to insert Program Manager's name, mailing address, e-mail address, telephone number, and facsimile number];

(2) Include in the notification—

(i) Where DoD contract activities or information are located relative to the activities or information to be declared to the Department of Commerce or the Nuclear Regulatory Commission; and

(ii) If or when any current or former DoD contract activities and the activities to be declared to the Department of Commerce or the Nuclear Regulatory Commission have been or will be co-located or located near enough to one another to result in disclosure of the DoD activities during an IAEA inspection or visit; and

(3) Provide a copy of the notification to the Contracting Officer.

(b) After receipt of a notification submitted in accordance with paragraph (a) of this clause, the DoD Program Manager will—

(1) Conduct a security assessment to determine if and by what means access may be granted to the IAEA; or

(2) Provide written justification to the component or agency treaty office for a national security exclusion, in accordance with DoD Instruction 2060.03, Application of the National Security Exclusion to the Agreements Between the United States of America and the International Atomic Energy Agency for the Application of Safeguards in the United States of America. DoD will notify the Contractor if a national security exclusion is applied at the Contractor's location to prohibit access by the IAEA.

(c) If the DoD Program Manager determines that a security assessment is required—

(1) DoD will, at a minimum—

(i) Notify the Contractor that DoD officials intend to conduct an assessment of vulnerabilities to IAEA inspections or visits;

(ii) Notify the Contractor of the time at which the assessment will be conducted, at least 30 days prior to the assessment;

(iii) Provide the Contractor with advance notice of the credentials of the DoD officials who will conduct the assessment; and

(iv) To the maximum extent practicable, conduct the assessment in a manner that does not impede or delay operations at the Contractor's facility; and

(2) The Contractor shall provide access to the site and shall cooperate with DoD officials in the assessment of vulnerabilities to IAEA inspections or visits.

(d) Following a security assessment of the Contractor's facility, DoD officials will notify the Contractor as to—

(1) Whether the Contractor's facility has any vulnerabilities where potentially declarable activities under the U.S.-IAEA AP are taking place;

(2) Whether additional security measures are needed; and

(3) Whether DoD will apply a national security exclusion.

(e) If DoD applies a national security exclusion, the Contractor shall not grant access to IAEA inspectors.

(f) If DoD does not apply a national security exclusion, the Contractor shall apply managed access to prevent disclosure of program activities, locations, or information in the U.S. declaration.

(g) The Contractor shall not delay submission of any reports required by the Department of Commerce or the Nuclear Regulatory Commission while awaiting a DoD response to a notification provided in accordance with this clause.

(h) The Contractor shall incorporate the substance of this clause, including this paragraph (h), in all subcontracts that are subject to the provisions of the U.S.-IAEA AP.

(End of clause)

§ 252.204-7012252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting.

As prescribed in 204.7304(c), use the following clause:

Safeguarding Covered Defense Information and Cyber Incident Reporting (MAY 2024)

(a) Definitions. As used in this clause—

Adequate security means protective measures that are commensurate with the consequences and probability of loss, misuse, or unauthorized access to, or modification of information.

Compromise means disclosure of information to unauthorized persons, or a violation of the security policy of a system, in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object, or the copying of information to unauthorized media may have occurred.

Contractor attributional/proprietary information means information that identifies the contractor(s), whether directly or indirectly, by the grouping of information that can be traced back to the contractor(s) ( e.g., program description, facility locations), personally identifiable information, as well as trade secrets, commercial or financial information, or other commercially sensitive information that is not customarily shared outside of the company.

Controlled technical information means technical information with military or space application that is subject to controls on the access, use, reproduction, modification, performance, display, release, disclosure, or dissemination. Controlled technical information would meet the criteria, if disseminated, for distribution statements B through F using the criteria set forth in DoD Instruction 5230.24, Distribution Statements on Technical Documents. The term does not include information that is lawfully publicly available without restrictions.

Covered contractor information system means an unclassified information system that is owned, or operated by or for, a contractor and that processes, stores, or transmits covered defense information.

Covered defense information means unclassified controlled technical information or other information, as described in the Controlled Unclassified Information (CUI) Registry at http://www.archives.gov/cui/registry/category-list.html, that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Governmentwide policies, and is—

(1) Marked or otherwise identified in the contract, task order, or delivery order and provided to the contractor by or on behalf of DoD in support of the performance of the contract; or

(2) Collected, developed, received, transmitted, used, or stored by or on behalf of the contractor in support of the performance of the contract.

Cyber incident means actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein.

Forensic analysis means the practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.

Information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Malicious software means computer software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. This definition includes a virus, worm, Trojan horse, or other code-based entity that infects a host, as well as spyware and some forms of adware.

Media means physical devices or writing surfaces including, but is not limited to, magnetic tapes, optical disks, magnetic disks, large-scale integration memory chips, and printouts onto which covered defense information is recorded, stored, or printed within a covered contractor information system.

Operationally critical support means supplies or services designated by the Government as critical for airlift, sealift, intermodal transportation services, or logistical support that is essential to the mobilization, deployment, or sustainment of the Armed Forces in a contingency operation.

Rapidly report means within 72 hours of discovery of any cyber incident.

Technical information means technical data or computer software, as those terms are defined in the clause at DFARS 252.227-7013, Rights in Technical Data—Other Than Commercial Products and Commercial Services, regardless of whether or not the clause is incorporated in this solicitation or contract. Examples of technical information include research and engineering data, engineering drawings, and associated lists, specifications, standards, process sheets, manuals, technical reports, technical orders, catalog-item identifications, data sets, studies and analyses and related information, and computer software executable code and source code.

(b) Adequate security. The Contractor shall provide adequate security on all covered contractor information systems. To provide adequate security, the Contractor shall implement, at a minimum, the following information security protections:

(1) For covered contractor information systems that are part of an information technology (IT) service or system operated on behalf of the Government, the following security requirements apply:

(i) Cloud computing services shall be subject to the security requirements specified in the clause 252.239-7010, Cloud Computing Services, of this contract.

(ii) Any other such IT service or system ( i.e., other than cloud computing) shall be subject to the security requirements specified elsewhere in this contract.

(2) For covered contractor information systems that are not part of an IT service or system operated on behalf of the Government and therefore are not subject to the security requirement specified at paragraph (b)(1) of this clause, the following security requirements apply:

(i) Except as provided in paragraph (b)(2)(ii) of this clause, the covered contractor information system shall be subject to the security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (available via the internet at https://csrc.nist.gov/publications/sp800 ) in effect at the time the solicitation is issued or as authorized by the Contracting Officer.

(ii)(A) The Contractor shall implement NIST SP 800-171, as soon as practical, but not later than December 31, 2017. For all contracts awarded prior to October 1, 2017, the Contractor shall notify the DoD Chief Information Officer (CIO), via email at [email protected], within 30 days of contract award, of any security requirements specified by NIST SP 800-171 not implemented at the time of contract award.

(B) The Contractor shall submit requests to vary from NIST SP 800-171 in writing to the Contracting Officer, for consideration by the DoD CIO. The Contractor need not implement any security requirement adjudicated by an authorized representative of the DoD CIO to be nonapplicable or to have an alternative, but equally effective, security measure that may be implemented in its place.

(C) If the DoD CIO has previously adjudicated the contractor's requests indicating that a requirement is not applicable or that an alternative security measure is equally effective, a copy of that approval shall be provided to the Contracting Officer when requesting its recognition under this contract.

(D) If the Contractor intends to use an external cloud service provider to store, process, or transmit any covered defense information in performance of this contract, the Contractor shall require and ensure that the cloud service provider meets security requirements equivalent to those established by the Government for the Federal Risk and Authorization Management Program (FedRAMP) Moderate baseline ( https://www.fedramp.gov/documents-templates/ ) and that the cloud service provider complies with requirements in paragraphs (c) through (g) of this clause for cyber incident reporting, malicious software, media preservation and protection, access to additional information and equipment necessary for forensic analysis, and cyber incident damage assessment.

(3) Apply other information systems security measures when the Contractor reasonably determines that information systems security measures, in addition to those identified in paragraphs (b)(1) and (2) of this clause, may be required to provide adequate security in a dynamic environment or to accommodate special circumstances ( e.g., medical devices) and any individual, isolated, or temporary deficiencies based on an assessed risk or vulnerability. These measures may be addressed in a system security plan.

(c) Cyber incident reporting requirement.

(1) When the Contractor discovers a cyber incident that affects a covered contractor information system or the covered defense information residing therein, or that affects the contractor's ability to perform the requirements of the contract that are designated as operationally critical support and identified in the contract, the Contractor shall—

(i) Conduct a review for evidence of compromise of covered defense information, including, but not limited to, identifying compromised computers, servers, specific data, and user accounts. This review shall also include analyzing covered contractor information system(s) that were part of the cyber incident, as well as other information systems on the Contractor's network(s), that may have been accessed as a result of the incident in order to identify compromised covered defense information, or that affect the Contractor's ability to provide operationally critical support; and

(ii) Rapidly report cyber incidents to DoD at https://dibnet.dod.mil.

(2) Cyber incident report. The cyber incident report shall be treated as information created by or for DoD and shall include, at a minimum, the required elements at https://dibnet.dod.mil.

(3) Medium assurance certificate requirement. In order to report cyber incidents in accordance with this clause, the Contractor or subcontractor shall have or acquire a DoD-approved medium assurance certificate to report cyber incidents. For information on obtaining a DoD-approved medium assurance certificate, see https://public.cyber.mil/eca/ .

(d) Malicious software. When the Contractor or subcontractors discover and isolate malicious software in connection with a reported cyber incident, submit the malicious software to DoD Cyber Crime Center (DC3) in accordance with instructions provided by DC3 or the Contracting Officer. Do not send the malicious software to the Contracting Officer.

(e) Media preservation and protection. When a Contractor discovers a cyber incident has occurred, the Contractor shall preserve and protect images of all known affected information systems identified in paragraph (c)(1)(i) of this clause and all relevant monitoring/packet capture data for at least 90 days from the submission of the cyber incident report to allow DoD to request the media or decline interest.

(f) Access to additional information or equipment necessary for forensic analysis. Upon request by DoD, the Contractor shall provide DoD with access to additional information or equipment that is necessary to conduct a forensic analysis.

(g) Cyber incident damage assessment activities. If DoD elects to conduct a damage assessment, the Contracting Officer will request that the Contractor provide all of the damage assessment information gathered in accordance with paragraph (e) of this clause.

(h) DoD safeguarding and use of contractor attributional/proprietary information. The Government shall protect against the unauthorized use or release of information obtained from the contractor (or derived from information obtained from the contractor) under this clause that includes contractor attributional/proprietary information, including such information submitted in accordance with paragraph (c). To the maximum extent practicable, the Contractor shall identify and mark attributional/proprietary information. In making an authorized release of such information, the Government will implement appropriate procedures to minimize the contractor attributional/proprietary information that is included in such authorized release, seeking to include only that information that is necessary for the authorized purpose(s) for which the information is being released.

(i) Use and release of contractor attributional/proprietary information not created by or for DoD. Information that is obtained from the contractor (or derived from information obtained from the contractor) under this clause that is not created by or for DoD is authorized to be released outside of DoD—

(1) To entities with missions that may be affected by such information;

(2) To entities that may be called upon to assist in the diagnosis, detection, or mitigation of cyber incidents;

(3) To Government entities that conduct counterintelligence or law enforcement investigations;

(4) For national security purposes, including cyber situational awareness and defense purposes (including with Defense Industrial Base (DIB) participants in the program at 32 CFR part 236); or

(5) To a support services contractor (“recipient”) that is directly supporting Government activities under a contract that includes the clause at 252.204-7009, Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

(j) Use and release of contractor attributional/proprietary information created by or for DoD. Information that is obtained from the contractor (or derived from information obtained from the contractor) under this clause that is created by or for DoD (including the information submitted pursuant to paragraph (c) of this clause) is authorized to be used and released outside of DoD for purposes and activities authorized by paragraph (i) of this clause, and for any other lawful Government purpose or activity, subject to all applicable statutory, regulatory, and policy based restrictions on the Government's use and release of such information.

(k) The Contractor shall conduct activities under this clause in accordance with applicable laws and regulations on the interception, monitoring, access, use, and disclosure of electronic communications and data.

(l) Other safeguarding or reporting requirements. The safeguarding and cyber incident reporting required by this clause in no way abrogates the Contractor's responsibility for other safeguarding or cyber incident reporting pertaining to its unclassified information systems as required by other applicable clauses of this contract, or as a result of other applicable U.S. Government statutory or regulatory requirements.

(m) Subcontracts. The Contractor shall—

(1) Include this clause, including this paragraph (m), in subcontracts, or similar contractual instruments, for operationally critical support, or for which subcontract performance will involve covered defense information, including subcontracts for commercial products or commercial services, without alteration, except to identify the parties. The Contractor shall determine if the information required for subcontractor performance retains its identity as covered defense information and will require protection under this clause, and, if necessary, consult with the Contracting Officer; and

(2) Require subcontractors to—

(i) Notify the prime Contractor (or next higher-tier subcontractor) when submitting a request to vary from a NIST SP 800-171 security requirement to the Contracting Officer, in accordance with paragraph (b)(2)(ii)(B) of this clause; and

(ii) Provide the incident report number, automatically assigned by DoD, to the prime Contractor (or next higher-tier subcontractor) as soon as practicable, when reporting a cyber incident to DoD as required in paragraph (c) of this clause.

(End of clause)

§ 252.204-7014252.204-7014 Limitations on the Use or Disclosure of Information by Litigation Support Contractors.

As prescribed in 204.7403(a), use the following clause:

Limitations on the Use or Disclosure of Information by Litigation Support Contractors (JAN 2023)

(a) Definitions. As used in this clause—

Computer software means computer programs, source code, source code listings, object code listings, design details, algorithms, processes, flow charts, formulae, and related material that would enable the software to be reproduced, recreated, or recompiled. Computer software does not include computer data bases or computer software documentation.

Litigation information means any information, including sensitive information, that is furnished to the contractor by or on behalf of the Government, or that is generated or obtained by the contractor in the performance of litigation support under a contract. The term does not include information that is lawfully, publicly available without restriction, including information contained in a publicly available solicitation.

Litigation support means administrative, technical, or professional services provided in support of the Government during or in anticipation of litigation.

Litigation support contractor means a contractor (including its experts, technical consultants, subcontractors, and suppliers) providing litigation support under a contract that contains this clause.

Sensitive information means controlled unclassified information of a commercial, financial, proprietary, or privileged nature. The term includes technical data and computer software, but does not include information that is lawfully, publicly available without restriction.

Technical data means recorded information, regardless of the form or method of the recording, of a scientific or technical nature (including computer software documentation). The term does not include computer software or data incidental to contract administration, such as financial and/or management information.

(b) Limitations on use or disclosure of litigation information. Notwithstanding any other provision of this contract, the Contractor shall—

(1) Access and use litigation information only for the purpose of providing litigation support under this contract;

(2) Not disclose litigation information to any entity outside the Contractor's organization unless, prior to such disclosure the Contracting Officer has provided written consent to such disclosure;

(3) Take all precautions necessary to prevent unauthorized disclosure of litigation information;

(4) Not use litigation information to compete against a third party for Government or nongovernment contracts; and

(5) Upon completion of the authorized litigation support activities, destroy or return to the Government at the request of the Contracting Officer all litigation information in its possession.

(c) Violation of paragraph (b)(1),(b)(2), (b)(3), (b)(4), or (b)(5) of this clause is a basis for the Government to terminate this contract.

(d) Indemnification and creation of third party beneficiary rights. The Contractor agrees—

(1) To indemnify and hold harmless the Government, its agents, and employees from any claim or liability, including attorneys' fees, court costs, and expenses, arising out of, or in any way related to, the misuse or unauthorized modification, reproduction, release, performance, display, or disclosure of any litigation information; and

(2) That any third party holding proprietary rights or any other legally protectable interest in any litigation information, in addition to any other rights it may have, is a third party beneficiary under this contract who shall have a right of direct action against the Contractor, and against any person to whom the Contractor has released or disclosed such litigation information, for any such unauthorized use or disclosure of such information.

(e) Contractor employees. The Contractor shall ensure that its employees are subject to use and nondisclosure obligations consistent with this clause prior to the employees being provided access to or use of any litigation information covered by this clause.

(f) Subcontracts. Include the substance of this clause, including this paragraph (f), in all subcontracts, including subcontracts for commercial products or commercial services.

(End of clause)

§ 252.204-7015252.204-7015 Notice of Authorized Disclosure of Information for Litigation Support.

As prescribed in 204.7403(b), use the following clause:

Notice of Authorized Disclosure of Information for Litigation Support (JAN 2023)

(a) Definitions. As used in this clause—

Computer software means computer programs, source code, source code listings, object code listings, design details, algorithms, processes, flow charts, formulae, and related material that would enable the software to be reproduced, recreated, or recompiled. Computer software does not include computer data bases or computer software documentation.

Litigation support means administrative, technical, or professional services provided in support of the Government during or in anticipation of litigation.

Litigation support contractor means a contractor (including its experts, technical consultants, subcontractors, and suppliers) providing litigation support under a contract that contains the clause at 252.204-7014, Limitations on the Use or Disclosure of Information by Litigation Support Contractors.

Sensitive information means controlled unclassified information of a commercial, financial, proprietary, or privileged nature. The term includes technical data and computer software, but does not include information that is lawfully, publicly available without restriction.

Technical data means recorded information, regardless of the form or method of the recording, of a scientific or technical nature (including computer software documentation). The term does not include computer software or data incidental to contract administration, such as financial and/or management information.

(b) Notice of authorized disclosures Notwithstanding any other provision of this solicitation or contract, the Government may disclose to a litigation support contractor, for the sole purpose of litigation support activities, any information, including sensitive information, received—

(1) Within or in connection with a quotation or offer; or

(2) In the performance of or in connection with a contract.

(c) Subcontracts. Include the substance of this clause, including this paragraph (c), in all subcontracts, including subcontracts for commercial products or commercial services.

(End of clause)

§ 252.204-7016252.204-7016 Covered Defense Telecommunications Equipment or Services—Representation.

As prescribed in 204.2105(a), use the following provision:

Covered Defense Telecommunications Equipment or Services—Representation (DEC 2019)

(a) Definitions. As used in this provision, covered defense telecommunications equipment or services has the meaning provided in the clause 252.204-7018, Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services.

(b) Procedures. The Offeror shall review the list of excluded parties in the System for Award Management (SAM) ( https://www.sam.gov ) for entities excluded from receiving federal awards for “covered defense telecommunications equipment or services”.

(c) Representation. The Offeror represents that it [ ] does, [ ] does not provide covered defense telecommunications equipment or services as a part of its offered products or services to the Government in the performance of any contract, subcontract, or other contractual instrument.

(End of provision)

§ 252.204-7017252.204-7017 Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services—Representation.

As prescribed in 204.2105(b), use the following provision:

Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services—Representation (May 2021)

The Offeror is not required to complete the representation in this provision if the Offeror has represented in the provision at 252.204-7016, Covered Defense Telecommunications Equipment or Services—Representation, that it “does not provide covered defense telecommunications equipment or services as a part of its offered products or services to the Government in the performance of any contract, subcontract, or other contractual instrument.”

(a) Definitions. Covered defense telecommunications equipment or services, covered mission, critical technology, and substantial or essential component, as used in this provision, have the meanings given in the 252.204-7018 clause, Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services, of this solicitation.

(b) Prohibition. Section 1656 of the National Defense Authorization Act for Fiscal Year 2018 (Pub. L. 115-91) prohibits agencies from procuring or obtaining, or extending or renewing a contract to procure or obtain, any equipment, system, or service to carry out covered missions that uses covered defense telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.

(c) Procedures. The Offeror shall review the list of excluded parties in the System for Award Management (SAM) at https://www.sam.gov for entities that are excluded when providing any equipment, system, or service to carry out covered missions that uses covered defense telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system, unless a waiver is granted.

(d) Representation. If in its annual representations and certifications in SAM the Offeror has represented in paragraph (c) of the provision at 252.204-7016, Covered Defense Telecommunications Equipment or Services—Representation, that it “does” provide covered defense telecommunications equipment or services as a part of its offered products or services to the Government in the performance of any contract, subcontract, or other contractual instrument, then the Offeror shall complete the following additional representation:

The Offeror represents that it [ ] will [ ] will not provide covered defense telecommunications equipment or services as a part of its offered products or services to DoD in the performance of any award resulting from this solicitation.

(e) Disclosures. If the Offeror has represented in paragraph (d) of this provision that it “will provide covered defense telecommunications equipment or services,” the Offeror shall provide the following information as part of the offer:

(1) A description of all covered defense telecommunications equipment and services offered (include brand or manufacturer; product, such as model number, original equipment manufacturer (OEM) number, manufacturer part number, or wholesaler number; and item description, as applicable).

(2) An explanation of the proposed use of covered defense telecommunications equipment and services and any factors relevant to determining if such use would be permissible under the prohibition referenced in paragraph (b) of this provision.

(3) For services, the entity providing the covered defense telecommunications services (include entity name, unique entity identifier, and Commercial and Government Entity (CAGE) code, if known).

(4) For equipment, the entity that produced or provided the covered defense telecommunications equipment (include entity name, unique entity identifier, CAGE code, and whether the entity was the OEM or a distributor, if known).

(End of provision)

§ 252.204-7018252.204-7018 Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services.

As prescribed in 204.2105(c), use the following clause:

Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services (JAN 2023)

(a) Definitions. As used in this clause—

Covered defense telecommunications equipment or services means—

(1) Telecommunications equipment produced by Huawei Technologies Company or ZTE Corporation, or any subsidiary or affiliate of such entities;

(2) Telecommunications services provided by such entities or using such equipment; or

(3) Telecommunications equipment or services produced or provided by an entity that the Secretary of Defense reasonably believes to be an entity owned or controlled by, or otherwise connected to, the government of a covered foreign country.

Covered foreign country means—

(1) The People's Republic of China; or

(2) The Russian Federation.

Covered missions means—

(1) The nuclear deterrence mission of DoD, including with respect to nuclear command, control, and communications, integrated tactical warning and attack assessment, and continuity of Government; or

(2) The homeland defense mission of DoD, including with respect to ballistic missile defense.

“Critical technology” means—

(1) Defense articles or defense services included on the United States Munitions List set forth in the International Traffic in Arms Regulations under subchapter M of chapter I of title 22, Code of Federal Regulations;

(2) Items included on the Commerce Control List set forth in Supplement No. 1 to part 774 of the Export Administration Regulations under subchapter C of chapter VII of title 15, Code of Federal Regulations, and controlled—

(i) Pursuant to multilateral regimes, including for reasons relating to national security, chemical and biological weapons proliferation, nuclear nonproliferation, or missile technology; or

(ii) For reasons relating to regional stability or surreptitious listening;

(3) Specially designed and prepared nuclear equipment, parts and components, materials, software, and technology covered by part 810 of title 10, Code of Federal Regulations (relating to assistance to foreign atomic energy activities);

(4) Nuclear facilities, equipment, and material covered by part 110 of title 10, Code of Federal Regulations (relating to export and import of nuclear equipment and material);

(5) Select agents and toxins covered by part 331 of title 7, Code of Federal Regulations, part 121 of title 9 of such Code, or part 73 of title 42 of such Code; or

(6) Emerging and foundational technologies controlled pursuant to section 1758 of the Export Control Reform Act of 2018 (50 U.S.C. 4817).

Substantial or essential component means any component necessary for the proper function or performance of a piece of equipment, system, or service.

(b) Prohibition. In accordance with section 1656 of the National Defense Authorization Act for Fiscal Year 2018 (Pub. L. 115-91), the contractor shall not provide to the Government any equipment, system, or service to carry out covered missions that uses covered defense telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system, unless the covered defense telecommunication equipment or services are covered by a waiver described in Defense Federal Acquisition Regulation Supplement 204.2104.

(c) Procedures. The Contractor shall review the list of excluded parties in the System for Award Management (SAM) at https://www.sam.gov for entities that are excluded when providing any equipment, system, or service, to carry out covered missions, that uses covered defense telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system, unless a waiver is granted.

(d) Reporting. (1) In the event the Contractor identifies covered defense telecommunications equipment or services used as a substantial or essential component of any system, or as critical technology as part of any system, during contract performance, the Contractor shall report at https://dibnet.dod.mil the information in paragraph (d)(2) of this clause.

(2) The Contractor shall report the following information pursuant to paragraph (d)(1) of this clause:

(i) Within 3 business days from the date of such identification or notification: The contract number; the order number(s), if applicable; supplier name; brand; model number (original equipment manufacturer number, manufacturer part number, or wholesaler number); item description; and any readily available information about mitigation actions undertaken or recommended.

(ii) Within 30 business days of submitting the information in paragraph (d)(2)(i) of this clause: Any further available information about mitigation actions undertaken or recommended. In addition, the Contractor shall describe the efforts it undertook to prevent use or submission of a covered defense telecommunications equipment or services, and any additional efforts that will be incorporated to prevent future use or submission of covered telecommunications equipment or services.

(e) Subcontracts. The Contractor shall insert the substance of this clause, including this paragraph (e), in all subcontracts and other contractual instruments, including subcontracts for the acquisition of commercial products or commercial services.

(End of clause)

§ 252.204-7019252.204-7019 Notice of NIST SP 800-171 DoD Assessment Requirements.

As prescribed in 204.7304(d), use the following provision:

NOTICE OF NIST SP 800-171 DOD ASSESSMENT REQUIREMENTS (NOV 2023)

(a) Definitions.

Basic Assessment, Medium Assessment, and High Assessment have the meaning given in the clause 252.204-7020, NIST SP 800-171 DoD Assessments.

Covered contractor information system has the meaning given in the clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, of this solicitation.

(b) Requirement. In order to be considered for award, if the Offeror is required to implement NIST SP 800-171, the Offeror shall have a current assessment ( i.e., not more than 3 years old unless a lesser time is specified in the solicitation) (see 252.204-7020) for each covered contractor information system that is relevant to the offer, contract, task order, or delivery order. The Basic, Medium, and High NIST SP 800-171 DoD Assessments are described in the NIST SP 800-171 DoD Assessment Methodology located at https://www.acq.osd.mil/asda/dpc/cp/cyber/docs/safeguarding/NIST-SP-800-171-Assessment-Methodology-Version-1.2.1-6.24.2020.pdf

(c) Procedures. (1) The Offeror shall verify that summary level scores of a current NIST SP 800-171 DoD Assessment ( i.e., not more than 3 years old unless a lesser time is specified in the solicitation) are posted in the Supplier Performance Risk System (SPRS) ( https://www.sprs.csd.disa.mil/ ) for all covered contractor information systems relevant to the offer.

(2) If the Offeror does not have summary level scores of a current NIST SP 800-171 DoD Assessment ( i.e., not more than 3 years old unless a lesser time is specified in the solicitation) posted in SPRS, the Offeror may conduct and submit a Basic Assessment to [email protected] for posting to SPRS in the format identified in paragraph (d) of this provision.

(d) Summary level scores. Summary level scores for all assessments will be posted 30 days post-assessment in SPRS to provide DoD Components visibility into the summary level scores of strategic assessments.

(1) Basic Assessments. An Offeror may follow the procedures in paragraph (c)(2) of this provision for posting Basic Assessments to SPRS.

(i) The email shall include the following information:

(A) Cybersecurity standard assessed ( e.g., NIST SP 800-171 Rev 1).

(B) Organization conducting the assessment ( e.g., Contractor self-assessment).

(C) For each system security plan (security requirement 3.12.4) supporting the performance of a DoD contract—

( 1 ) All industry Commercial and Government Entity (CAGE) code(s) associated with the information system(s) addressed by the system security plan; and

( 2 ) A brief description of the system security plan architecture, if more than one plan exists.

(D) Date the assessment was completed.

(E) Summary level score ( e.g., 95 out of 110, NOT the individual value for each requirement).

(F) Date that all requirements are expected to be implemented ( i.e., a score of 110 is expected to be achieved) based on information gathered from associated plan(s) of action developed in accordance with NIST SP 800-171.

(ii) If multiple system security plans are addressed in the email described at paragraph (d)(1)(i) of this section, the Offeror shall use the following format for the report:

System security plan

CAGE codes supported by this plan

Brief description of the plan architecture

Date of assessment

Total score

Date score of 110 will achieved

(2) Medium and High Assessments. DoD will post the following Medium and/or High Assessment summary level scores to SPRS for each system assessed:

(i) The standard assessed ( e.g., NIST SP 800-171 Rev 1).

(ii) Organization conducting the assessment, e.g., DCMA, or a specific organization (identified by Department of Defense Activity Address Code (DoDAAC)).

(iii) All industry CAGE code(s) associated with the information system(s) addressed by the system security plan.

(iv) A brief description of the system security plan architecture, if more than one system security plan exists.

(v) Date and level of the assessment, i.e., medium or high.

(vi) Summary level score ( e.g., 105 out of 110, not the individual value assigned for each requirement).

(vii) Date that all requirements are expected to be implemented ( i.e., a score of 110 is expected to be achieved) based on information gathered from associated plan(s) of action developed in accordance with NIST SP 800-171.

(3) Accessibility. (i) Assessment summary level scores posted in SPRS are available to DoD personnel, and are protected, in accordance with the standards set forth in DoD Instruction 5000.79, Defense-wide Sharing and Use of Supplier and Product Performance Information (PI).

(ii) Authorized representatives of the Offeror for which the assessment was conducted may access SPRS to view their own summary level scores, in accordance with the SPRS Software User's Guide for Awardees/Contractors available at https://www.sprs.csd.disa.mil/pdf/SPRS_Awardee.pdf.

(iii) A High NIST SP 800-171 DoD Assessment may result in documentation in addition to that listed in this section. DoD will retain and protect any such documentation as “Controlled Unclassified Information (CUI)” and intended for internal DoD use only. The information will be protected against unauthorized use and release, including through the exercise of applicable exemptions under the Freedom of Information Act ( e.g., Exemption 4 covers trade secrets and commercial or financial information obtained from a contractor that is privileged or confidential).

(End of provision)

§ 252.204-7020252.204-7020 NIST SP 800-171 DoD Assessment Requirements.

As prescribed in 204.7304(e), use the following clause:

NIST SP 800-171 DOD Assessment Requirements (NOV 2023)

(a) Definitions.

Basic Assessment means a contractor's self-assessment of the contractor's implementation of NIST SP 800-171 that—

(1) Is based on the Contractor's review of their system security plan(s) associated with covered contractor information system(s);

(2) Is conducted in accordance with the NIST SP 800-171 DoD Assessment Methodology; and

(3) Results in a confidence level of “Low” in the resulting score, because it is a self-generated score.

Covered contractor information system has the meaning given in the clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, of this contract.

High Assessment means an assessment that is conducted by Government personnel using NIST SP 800-171A, Assessing Security Requirements for Controlled Unclassified Information that—

(1) Consists of—

(i) A review of a contractor's Basic Assessment;

(ii) A thorough document review;

(iii) Verification, examination, and demonstration of a Contractor's system security plan to validate that NIST SP 800-171 security requirements have been implemented as described in the contractor's system security plan; and

(iv) Discussions with the contractor to obtain additional information or clarification, as needed; and

(2) Results in a confidence level of “High” in the resulting score.

Medium Assessment means an assessment conducted by the Government that—

(1) Consists of—

(i) A review of a contractor's Basic Assessment;

(ii) A thorough document review; and

(iii) Discussions with the contractor to obtain additional information or clarification, as needed; and

(2) Results in a confidence level of “Medium” in the resulting score.

(b) Applicability. This clause applies to covered contractor information systems that are required to comply with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, in accordance with Defense Federal Acquisition Regulation System (DFARS) clause at 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, of this contract.

(c) Requirements. The Contractor shall provide access to its facilities, systems, and personnel necessary for the Government to conduct a Medium or High NIST SP 800-171 DoD Assessment, as described in NIST SP 800-171 DoD Assessment Methodology at https://www.acq.osd.mil/asda/dpc/cp/cyber/docs/safeguarding/NIST-SP-800-171-Assessment-Methodology-Version-1.2.1-6.24.2020.pdf, if necessary.

(d) Procedures. Summary level scores for all assessments will be posted in the Supplier Performance Risk System (SPRS) ( https://www.sprs.csd.disa.mil/ ) to provide DoD Components visibility into the summary level scores of strategic assessments.

(1) Basic Assessments. A contractor may submit, via encrypted email, summary level scores of Basic Assessments conducted in accordance with the NIST SP 800-171 DoD Assessment Methodology to [email protected] for posting to SPRS.

(i) The email shall include the following information:

(A) Version of NIST SP 800-171 against which the assessment was conducted.

(B) Organization conducting the assessment ( e.g., Contractor self-assessment).

(C) For each system security plan (security requirement 3.12.4) supporting the performance of a DoD contract—

( 1 ) All industry Commercial and Government Entity (CAGE) code(s) associated with the information system(s) addressed by the system security plan; and

( 2 ) A brief description of the system security plan architecture, if more than one plan exists.

(D) Date the assessment was completed.

(E) Summary level score ( e.g., 95 out of 110, NOT the individual value for each requirement).

(F) Date that all requirements are expected to be implemented ( i.e., a score of 110 is expected to be achieved) based on information gathered from associated plan(s) of action developed in accordance with NIST SP 800-171.

(ii) If multiple system security plans are addressed in the email described at paragraph (b)(1)(i) of this section, the Contractor shall use the following format for the report:

System security plan

CAGE codes supported by this plan

Brief description of the plan architecture

Date of assessment

Total score

Date score of 110 will achieved

(2) Medium and High Assessments. DoD will post the following Medium and/or High Assessment summary level scores to SPRS for each system security plan assessed:

(i) The standard assessed ( e.g., NIST SP 800-171 Rev 1).

(ii) Organization conducting the assessment, e.g., DCMA, or a specific organization (identified by Department of Defense Activity Address Code (DoDAAC)).

(iii) All industry CAGE code(s) associated with the information system(s) addressed by the system security plan.

(iv) A brief description of the system security plan architecture, if more than one system security plan exists.

(v) Date and level of the assessment, i.e., medium or high.

(vi) Summary level score ( e.g., 105 out of 110, not the individual value assigned for each requirement).

(vii) Date that all requirements are expected to be implemented ( i.e., a score of 110 is expected to be achieved) based on information gathered from associated plan(s) of action developed in accordance with NIST SP 800-171.

(e) Rebuttals. (1) DoD will provide Medium and High Assessment summary level scores to the Contractor and offer the opportunity for rebuttal and adjudication of assessment summary level scores prior to posting the summary level scores to SPRS (see SPRS User's Guide https://www.sprs.csd.disa.mil/pdf/SPRS_Awardee.pdf ).

(2) Upon completion of each assessment, the contractor has 14 business days to provide additional information to demonstrate that they meet any security requirements not observed by the assessment team or to rebut the findings that may be of question.

(f) Accessibility. (1) Assessment summary level scores posted in SPRS are available to DoD personnel, and are protected, in accordance with the standards set forth in DoD Instruction 5000.79, Defense-wide Sharing and Use of Supplier and Product Performance Information (PI).

(2) Authorized representatives of the Contractor for which the assessment was conducted may access SPRS to view their own summary level scores, in accordance with the SPRS Software User's Guide for Awardees/Contractors available at https://www.sprs.csd.disa.mil/pdf/SPRS_Awardee.pdf.

(3) A High NIST SP 800-171 DoD Assessment may result in documentation in addition to that listed in this clause. DoD will retain and protect any such documentation as “Controlled Unclassified Information (CUI)” and intended for internal DoD use only. The information will be protected against unauthorized use and release, including through the exercise of applicable exemptions under the Freedom of Information Act ( e.g., Exemption 4 covers trade secrets and commercial or financial information obtained from a contractor that is privileged or confidential).

(g) Subcontracts. (1) The Contractor shall insert the substance of this clause, including this paragraph (g), in all subcontracts and other contractual instruments, including subcontracts for the acquisition of commercial products or commercial services (excluding commercially available off-the-shelf items).

(2) The Contractor shall not award a subcontract or other contractual instrument, that is subject to the implementation of NIST SP 800-171 security requirements, in accordance with DFARS clause 252.204-7012 of this contract, unless the subcontractor has completed, within the last 3 years, at least a Basic NIST SP 800-171 DoD Assessment, as described in https://www.acq.osd.mil/asda/dpc/cp/cyber/docs/safeguarding/NIST-SP-800-171-Assessment-Methodology-Version-1.2.1-6.24.2020.pdf, for all covered contractor information systems relevant to its offer that are not part of an information technology service or system operated on behalf of the Government.

(3) If a subcontractor does not have summary level scores of a current NIST SP 800-171 DoD Assessment ( i.e., not more than 3 years old unless a lesser time is specified in the solicitation) posted in SPRS, the subcontractor may conduct and submit a Basic Assessment, in accordance with the NIST SP 800-171 DoD Assessment Methodology, to [email protected] for posting to SPRS along with the information required by paragraph (d) of this clause.

(End of clause)

§ 252.204-7021252.204-7021 Contractor Compliance With the Cybersecurity Maturity Model Certification Level Requirements.

As prescribed in 204.7504(a), use the following clause:

CONTRACTOR COMPLIANCE WITH THE CYBERSECURITY MATURITY MODEL CERTIFICATION LEVEL REQUIREMENTS (NOV 2025)

(a) Definitions. As used in this clause-

Controlled unclassified information means information the Government creates or possesses, or information an entity creates or possesses for or on behalf of the Government, that a law, regulation, or Governmentwide policy requires or permits an agency to handle using safeguarding or dissemination controls (32 CFR 2002.4(h)).

Current means—

(1) With regard to Conditional Cybersecurity Maturity Model Certification (CMMC) Status—

(i) Not older than 180 days for Conditional Level 2 (Self) assessments and Conditional Level 2 (certified third-party assessment organization (C3PAO)) assessments, with—

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Conditional CMMC Status date (see 32 CFR 170.16 and 170.17); and

(B) A corresponding affirmation of continuous compliance by an affirming official (see 32 CFR 170.4); and

(ii) Not older than 180 days for Conditional Level 3 (Defense Industrial Base Cybersecurity Assessment Center (DIBCAC)) assessments, with—

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Conditional CMMC Status date (see 32 CFR 170.18); and

(B) A corresponding affirmation of continuous compliance by an affirming official;

(2) With regard to Final CMMC Status—

(i) Not older than 1 year for Final Level 1 (Self), with—

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Final CMMC Status date (see 32 CFR 170.15); and

(B) A corresponding affirmation of continuous compliance, not older than 1 year, by an affirming official;

(ii) Not older than 3 years for Final Level 2 (Self) assessments and Final Level 2 (C3PAO) assessments, with—

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Final CMMC Status date (see 32 CFR 170.16 and 170.17); and

(B) A corresponding affirmation of continuous compliance, not older than 1 year, by an affirming official; and

(iii) Not older than 3 years for Final Level 3 (DIBCAC) assessments, with—

(A) No changes in compliance with the requirements at 32 CFR part 170 since the Final CMMC Status date (see 32 CFR 170.18); and

(B) A corresponding affirmation of continuous compliance, not older than 1 year, by an affirming official; and

(3) With regard to affirmation of continuous compliance (32 CFR 170.22), not older than 1 year with no changes in compliance with the requirements at 32 CFR part 170.

Cybersecurity Maturity Model Certification (CMMC) status means the result of meeting or exceeding the minimum required score for the corresponding assessment. The potential statuses are as follows:

(1) Final Level 1 (Self).

(2) Conditional Level 2 (Self).

(3) Final Level 2 (Self).

(4) Conditional Level 2 (C3PAO).

(5) Final Level 2 (C3PAO).

(6) Conditional Level 3 (DIBCAC).

(7) Final Level 3 (DIBCAC).

Cybersecurity Maturity Model Certification unique identifier (CMMC UID) means 10 alpha-numeric characters assigned to each CMMC assessment and reflected in the Supplier Performance Risk System (SPRS) for each contractor information system.

Federal contract information (FCI) means information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government. It does not include information provided by the Government to the public, such as on public websites, or simple transactional information, such as information necessary to process payments.

Plan of action and milestones means a document that identifies tasks to be accomplished. It details resources required to accomplish the elements of the plan, any milestones in meeting the tasks, and scheduled completion dates for the milestones, as defined in National Institute of Standards and Technology Special Publication 800-115 (32 CFR 170.21).

(b) Framework. The Cybersecurity Maturity Model Certification (CMMC) is a framework for assessing a contractor's compliance with applicable information security protections (see 32 CFR part 170).

(c) Duplication. The CMMC assessments will not duplicate efforts from any other comparable DoD assessment, except for rare circumstances when a reassessment may be necessary, for example, when there are indications of issues with cybersecurity and/or compliance with CMMC requirements.

(d) Requirements. The Contractor shall—

(1)(i) Have and maintain for the duration of the contract a current CMMC status at the following CMMC level, or higher: ___ [Contracting Officer insert: CMMC Level 1 (Self); CMMC Level 2 (Self); CMMC Level 2 (C3PAO); or CMMC Level 3 (DIBCAC)] for all information systems used in performance of the contract, task order, or delivery order that process, store, or transmit FCI or CUI; and

(ii) Consult 32 CFR 170.23 related to the flowdown of the CMMC requirements, and flow down the correct CMMC level to subcontracts and other contractual instruments;

(2) Only process, store, or transmit FCI or CUI on contractor information systems that have a CMMC status at the CMMC level required in paragraph (d)(1) of this clause, or higher;

(3) Complete on an annual basis, and maintain as current, an affirmation, by the affirming official (see 32 CFR 170.4), of continuous compliance with the requirements associated with the CMMC level required in paragraph (d)(1) of this clause in the Supplier Performance Risk System (SPRS) ( https://piee.eb.mil ) for each CMMC UID applicable to each of the contractor information systems that process, store, or transmit FCI or CUI and that are used in performance of the contract;

(4) Ensure all subcontractors and suppliers complete prior to subcontract award, and maintain on an annual basis, an affirmation, by the affirming official (see 32 CFR 170.4), of continuous compliance with the requirements associated with the CMMC level required for the subcontract or other contractual instrument for each of the subcontractor information systems that process, store, or transmit FCI or CUI and that are used in performance of the subcontract; and

(5) If the Contractor has a CMMC Status of Conditional, successfully close out a valid plan of action and milestones (32 CFR 170.21) to achieve a CMMC Status of Final.

(e) Reporting. The Contractor shall—

(1) Submit to the Contracting Officer—

(i) The CMMC UID(s) issued by SPRS for contractor information systems that will process, store, or transmit FCI or CUI during performance of the contract; and

(ii) Any changes in the CMMC UIDs generated in SPRS throughout the life of the contract, task order, or delivery order, if applicable;

(2) Enter into SPRS the results of a current self-assessment for each CMMC UID, not covered by a C3PAO assessment or DIBCAC assessment, applicable to each of the contractor information systems that process, store, or transmit FCI or CUI and that are used in performance of the contract; and

(3) Complete in SPRS on an annual basis and maintain as current an affirmation of continuous compliance by the affirming official (see 32 CFR 170.4) for each self-assessment, C3PAO assessment, or DIBCAC assessment required under the contract in SPRS.

(f) Subcontracts. The Contractor shall—

(1) Insert the substance of this clause, including this paragraph (f) and excluding paragraph (e)(1), in subcontracts and other contractual instruments, including those for the acquisition of commercial products and commercial services, excluding commercially available off-the-shelf items, if the subcontract or other contractual instrument will contain a requirement to process, store, or transmit FCI or CUI; and

(2) Prior to awarding a subcontract or other contractual instrument, ensure that the subcontractor has a current CMMC certificate or current CMMC status at the CMMC level that is appropriate for the information that is being flowed down to the subcontractor based on the requirements at 32 CFR 170.23.

(End of clause)

§ 252.204-7022252.204-7022 Expediting Contract Closeout.

As prescribed in 204.804-70, use the following clause:

Expediting Contract Closeout (MAY 2021)

(a) At the conclusion of all applicable closeout requirements of Federal Acquisition Regulation 4.804, the Government and Contractor shall mutually agree on the residual dollar amount remaining on the contract. Both the Government and Contractor agree to waive payment of any residual dollar amount of $1,000 or less to which either party may be entitled at the time of contract closeout.

(b) A residual dollar amount includes all money owed to either party at the end of the contract and as a result of the contract, excluding amounts connected in any way with taxation or a violation of law or regulation.

(c) For purposes of determining residual dollar amounts, offsets (e.g., across multiple contracts or orders) may be considered only to the extent permitted by law.

(End of clause)

§ 252.204-7023252.204-7023 Reporting Requirements for Contracted Services.

Basic. As prescribed in 204.1705(a)(i) and (ii), use the following clause:

Reporting Requirements for Contracted Services—Basic (Jul 2021)

(a) Definition. As used in this clause—

First-tier subcontract means a subcontract awarded directly by the contractor for the purpose of acquiring services for performance of a prime contract. It does not include the contractor's supplier agreements with vendors, such as long-term arrangements for materials or supplies or services that benefit multiple contracts and/or the costs of which are normally applied to a contractor's general and administrative expenses or indirect costs.

(b) The Contractor shall report annually, by October 31, at https://www.sam.gov, on the services performed under this contract or order, including any first-tier subcontracts, during the preceding Government fiscal year (October 1-September 30).

(c) The Contractor shall report the following information for the contract or order:

(1) The total dollar amount invoiced for services performed during the preceding Government fiscal year under the contract or order.

(2) The number of Contractor direct labor hours, to include first-tier subcontractor direct labor hours, as applicable, expended on the services performed under the contract or order during the previous Government fiscal year.

(d) The Government will review the Contractor's reported information for reasonableness and consistency with available contract information. In the event the Government believes that revisions to the Contractor's reported information are warranted, the Government will notify the Contractor. Upon notification, the Contractor shall revise the reported information or provide the Government with a supporting rationale for the information.

(End of clause)

Alternate I. As prescribed in 204.1705 (a)(i) and (iii), use the following clause, which substitutes “contract or agreement for each order” in lieu of “contract or order” in paragraph (b) and “order” in lieu of “contract or order” in paragraphs (c) and (c)(1) and (2), and identifies the dollar threshold and service acquisition portfolio groups for which orders under the contract or agreement require service contract reporting.

Reporting Requirements for Contracted Services—Alternate I (Jul 2021)

(a) Definition. As used in this clause—

First-tier subcontract means a subcontract awarded directly by the contractor for the purpose of acquiring services for performance of a prime contract. It does not include the contractor's supplier agreements with vendors, such as long-term arrangements for materials or supplies or services that benefit multiple contracts and/or the costs of which are normally applied to a contractor's general and administrative expenses or indirect costs.

(b) The contractor shall report annually, by October 31, at https://www.sam.gov, on services performed during the preceding Government fiscal year (October 1-September 30) under this contract or agreement for each order, including any first-tier subcontract, which exceeds $3 million for services in the following service acquisition portfolio groups:

(1) Logistics management services.

(2) Equipment-related services.

(3) Knowledge-based services.

(4) Electronics and communications services.

(c) The Contractor shall report the following information for the order:

(1) The total dollar amount invoiced for services performed during the preceding Government fiscal year under the order.

(2) The number of Contractor direct labor hours, to include first-tier subcontractor direct labor hours, as applicable, expended on the services performed under the order during the previous Government fiscal year.

(d) The Government will review the Contractor's reported information for reasonableness and consistency with available contract information. In the event the Government believes that revisions to the Contractor's reported information are warranted, the Government will notify the Contractor. Upon notification, the Contractor shall revise the reported information or provide the Government with a supporting rationale for the information.

(End of clause)

§ 252.204-7024252.204-7024 Notice on the Use of the Supplier Performance Risk System.

As prescribed in 204.7604, use the following provision:

Notice on the Use of the Supplier Performance Risk System (MAR 2023)

(a) Definitions. As used in this provision—

Item risk means the probability that a product, based on intended use, will introduce performance risk resulting in safety issues, mission degradation, or monetary loss.

Price risk means a measure of whether a proposed price for a product or service is consistent with historical prices paid for that item or service.

Supplier risk means the probability that an award may subject the procurement to the risk of unsuccessful performance or to supply chain risk (see Defense Federal Acquisition Regulation Supplement 239.7301).

(b) The Supplier Performance Risk System (SPRS), available at https://piee.eb.mil/, will be used in the evaluation of the Quoter or Offeror's performance. SPRS retrieves item, price, quality, delivery, and contractor information on contracts from Government reporting systems in order to develop risk assessments.

(c) The Contracting Officer will consider SPRS risk assessments during the evaluation of quotations or offers received in response to this solicitation as follows:

(1) Item risk will be considered to determine whether the procurement represents a high performance risk to the Government.

(2) Price risk will be considered in determining if a proposed price is consistent with historical prices paid for a product or a service or otherwise creates a risk to the Government.

(3) Supplier risk, including but not limited to quality and delivery, will be considered to assess the risk of unsuccessful performance and supply chain risk.

(d) SPRS risk assessments are generated daily. Quoters or Offerors are able to access their risk assessments by following the access instructions in the SPRS user's guide available at https://www.sprs.csd.disa.mil/reference.htm. Quoters and Offerors are granted access to SPRS for their own risk assessment classifications only. SPRS reporting procedures and risk assessment methodology are detailed in the SPRS user's guide. The method to challenge a rating generated by SPRS is also provided in the user's guide. SPRS evaluation criteria are available at https://www.sprs.csd.disa.mil/pdf/SPRS_DataEvaluationCriteria.pdf.

(e) The Contracting Officer may consider any other available and relevant information when evaluating a quotation or an offer.

(End of provision)

§ 252.204-7025252.204-7025 Notice of Cybersecurity Maturity Model Certification Level Requirements.

As prescribed in 204.7504(b), use the following provision:

Notice of Cybersecurity Maturity Model Certification Level Requirements (NOV 2025)

(a) Definitions. As used in this provision, controlled unclassified information (CUI), current, Cybersecurity Maturity Model Certification (CMMC) status, Cybersecurity Maturity Model Certification unique identifier (CMMC UID), Federal contract information (FCI), and Plan of action and milestones have the meaning given in the Defense Federal Acquisition Regulation Supplement 252.204-7021, Contractor Compliance With the Cybersecurity Maturity Model Certification Level Requirements, clause of this solicitation.

(b)(1) Cybersecurity Maturity Model Certification (CMMC) level. The CMMC level required by this solicitation is: ___ [Contracting Officer insert: CMMC Level 1 (Self); CMMC Level 2 (Self); CMMC Level 2 (C3PAO); or CMMC Level 3 (DIBCAC)]. This CMMC level, or higher (see 32 CFR part 170), is required prior to award for each contractor information system that will process, store, or transmit Federal contract information (FCI) or controlled unclassified information (CUI) during performance of the contract.

(2) The Offeror will not be eligible for award of a contract, task order, or delivery order resulting from this solicitation if the Offeror does not have, for each of the contractor information systems that will process, store, or transmit FCI or CUI and that will be used in performance of a contract resulting from this solicitation—

(i) The current CMMC status entered in the Supplier Performance Risk System (SPRS) ( https://piee.eb.mil ) at the CMMC level required by paragraph (b)(1) of this provision; and

(ii) A current affirmation of continuous compliance with the security requirements identified at 32 CFR part 170 in SPRS.

(c) Plan of action and milestones. If the Offeror has a CMMC Status of Conditional, the Offeror shall successfully close out a valid plan of action and milestones (32 CFR 170.21) to achieve a CMMC Status of Final.

(d) CMMC unique identifiers. The Offeror shall provide, in the proposal, the CMMC unique identifier(s) (CMMC UIDs) issued by SPRS for each contractor information system that will process, store, or transmit FCI or CUI during performance of a contract, task order, or delivery order resulting from this solicitation. The Offeror also shall update the list when new CMMC UIDs are generated in SPRS. The CMMC UIDs are provided in SPRS after the Offeror enters the results of self-assessment(s) for each such information system.

(End of provision)

§ 252.205-7000252.205-7000 Provision of Information to Cooperative Agreement Holders.

As prescribed in 205.470, use the following clause:

Provision of Information to Cooperative Agreement Holders (OCT 2024)

(a) Definition. As used in this clause—

Cooperative agreement holder means a State or local government; a nonprofit organization; a tribal organization (as defined in section 4(c) of the Indian Self-Determination and Education Assistance Act (25 U.S.C. 5304(l))); or an economic enterprise (as defined in section 3(e) of the Indian Financing Act of 1974 (25 U.S.C. 1452(e))) whether such economic enterprise is organized for profit or nonprofit purposes; which has an agreement with the Under Secretary of Defense for Acquisition and Sustainment to furnish procurement technical assistance to business entities (as defined in 10 U.S.C. 4951).

(b) The Contractor shall provide cooperative agreement holders, upon their request, with a list of those appropriate employees or offices responsible for entering into subcontracts under defense contracts. The list shall include the business address, telephone number, and area of responsibility of each employee or office.

(c) The Contractor need not provide the listing to a particular cooperative agreement holder more frequently than once a year.

(End of clause)

§ 252.206-7000252.206-7000 Domestic Source Restriction.

As prescribed at 206.302-3-70, use the following provision:

Domestic Source Restriction (AUG 2023)

This solicitation is restricted to domestic sources under the authority of 10 U.S.C. 3204(a)(3). Foreign sources, except Canadian sources, are not eligible for award.

(End of provision)

§ 252.208-7000252.208-7000 Intent to furnish precious metals as Government-furnished material.

As prescribed in 208.7305(a), use the following clause:

Intent To Furnish Precious Metals as Government-Furnished Material (DEC 1991)

(a) The Government intends to furnish precious metals required in the manufacture of items to be delivered under the contract if the Contracting Officer determines it to be in the Government's best interest. The use of Government-furnished silver is mandatory when the quantity required is one hundred troy ounces or more. The precious metal(s) will be furnished pursuant to the Government Furnished Property clause of the contract.

(b) The Offeror shall cite the type (silver, gold, platinum, palladium, iridium, rhodium, and ruthenium) and quantity in whole troy ounces of precious metals required in the performance of this contract (including precious metals required for any first article or production sample), and shall specify the national stock number (NSN) and nomenclature, if known, of the deliverable item requiring precious metals.

Precious metal*

Quantity

Deliverable item (NSN and nomenclature)!!rs

*If platinum or palladium, specify whether sponge or granules are required.

(c) Offerors shall submit two prices for each deliverable item which contains precious metals—one based on the Government furnishing precious metals, and one based on the Contractor furnishing precious metals. Award will be made on the basis which is in the best interest of the Government.

(d) The Contractor agrees to insert this clause, including this paragraph (d), in solicitations for subcontracts and purchase orders issued in performance of this contract, unless the Contractor knows that the item being purchased contains no precious metals.

(End of clause)

§ 252.209-7002252.209-7002 Disclosure of Ownership or Control by a Foreign Government.

As prescribed in 209.104-70, use the following provision:

Disclosure of Ownership or Control by a Foreign Government (DEC 2022)

(a) Definitions. As used in this provision—

(1) Effectively owned or controlled means that a foreign government or any entity controlled by a foreign government has the power, either directly or indirectly, whether exercised or exercisable, to control the election, appointment, or tenure of the Offeror's officers or a majority of the Offeror's board of directors by any means, e.g., ownership, contract, or operation of law (or equivalent power for unincorporated organizations).

(2) Entity controlled by a foreign government —

(i) Means—

(A) Any domestic or foreign organization or corporation that is effectively owned or controlled by a foreign government; or

(B) Any individual acting on behalf of a foreign government.

(ii) Does not include an organization or corporation that is owned, but is not controlled, either directly or indirectly, by a foreign government if the ownership of that organization or corporation by that foreign government was effective before October 23, 1992.

(3) Foreign government includes the state and the government of any country (other than the United States and its outlying areas) as well as any political subdivision, agency, or instrumentality thereof.

(4) Proscribed information means—

(i) Top Secret information;

(ii) Communications security (COMSEC) material, excluding controlled cryptographic items when unkeyed or utilized with unclassified keys;

(iii) Restricted Data as defined in the U.S. Atomic Energy Act of 1954, as amended;

(iv) Special Access Program (SAP) information; or

(v) Sensitive Compartmented Information (SCI).

(b) Prohibition on award. No contract under a national security program may be awarded to an entity controlled by a foreign government if that entity requires access to proscribed information to perform the contract, unless the Secretary of Defense or a designee has waived application of 10 U.S.C. 4874.

(c) Disclosure. The Offeror shall disclose any interest a foreign government has in the Offeror when that interest constitutes control by a foreign government as defined in this provision. If the Offeror is a subsidiary, it shall also disclose any reportable interest a foreign government has in any entity that owns or controls the subsidiary, including reportable interest concerning the Offeror's immediate parent, intermediate parents, and the ultimate parent. Use separate paper as needed, and provide the information in the following format: Offeror's Point of Contact for Questions about Disclosure (Name and Phone Number with Country Code, City Code and Area Code, as applicable)

Name and Address of Offeror

Name and Address of Entity Controlled by a Foreign Government

Description of Interest, Ownership Percentage, and Identification of Foreign Government

(End of provision)

§ 252.209-7004252.209-7004 Subcontracting with Firms that are Owned or Controlled by the Government of a Country that is a State Sponsor of Terrorism.

As prescribed in 209.409, use the following clause:

Subcontracting With Firms That Are Owned or Controlled by the Government of a Country That Is a State Sponsor of Terrorism (MAY 2019)

(a) Unless the Government determines that there is a compelling reason to do so, the Contractor shall not enter into any subcontract in excess of the threshold specified in Federal Acquisition Regulation 9.405-2(b) on the date of subcontract award with a firm, or a subsidiary of a firm, that is identified in the Exclusions section of the System for Award Management System (SAM Exclusions) as being ineligible for the award of Defense contracts or subcontracts because it is owned or controlled by the government of a country that is a state sponsor of terrorism.

(b) A corporate officer or a designee of the Contractor shall notify the Contracting Officer, in writing, before entering into a subcontract with a party that is identified, in SAM Exclusions, as being ineligible for the award of Defense contracts or subcontracts because it is owned or controlled by the government of a country that is a state sponsor of terrorism. The notice must include the name of the proposed subcontractor and the compelling reason(s) for doing business with the subcontractor notwithstanding its inclusion in SAM Exclusions.

(End of clause)

§ 252.209-7006252.209-7006 Limitations on Contractors Acting as Lead System Integrators.

As prescribed in 209.570-4(a), use the following provision:

Limitations on Contractors Acting As Lead System Integrators (DEC 2022)

(a) Definitions. Lead system integrator, lead system integrator with system responsibility, and lead system integrator without system responsibility, as used in this provision, have the meanings given in the clause of this solicitation entitled “Prohibited Financial Interests for Lead System Integrators” (DFARS 252.209-7007).

(b) General. Unless an exception is granted, no contractor performing lead system integrator functions in the acquisition of a major system by the Department of Defense may have any direct financial interest in the development or construction of any individual system or element of any system of systems.

(c) Representations. (1) The offeror represents that it does

[ ] does not [ ] propose to perform this contract as a lead system integrator with system responsibility.

(2) The offeror represents that it does [ ] does not [ ] propose to perform this contract as a lead system integrator without system responsibility.

(3) If the offeror answered in the affirmative in paragraph (c)(1) or (2) of this provision, the offeror represents that it does [ ] does not [ ] have any direct financial interest as described in paragraph (b) of this provision with respect to the system(s), subsystem(s), system of systems, or services described in this solicitation.

(d) If the offeror answered in the affirmative in paragraph (c)(3) of this provision, the offeror should contact the Contracting Officer for guidance on the possibility of submitting a mitigation plan and/or requesting an exception.

(e) If the offeror does have a direct financial interest, the offeror may be prohibited from receiving an award under this solicitation, unless the offeror submits to the Contracting Officer appropriate evidence that the offeror was selected by a subcontractor to serve as a lower-tier subcontractor through a process over which the offeror exercised no control.

(f) This provision implements the requirements of10 U.S.C. 4292.

(End of provision)

§ 252.209-7007252.209-7007 Prohibited Financial Interests for Lead System Integrators.

As prescribed in 209.570-4(b), use the following clause:

Prohibited Financial Interests for Lead System Integrators (DEC 2022)

(a) Definitions. As used in this clause—

(1) Lead system integrator includes lead system integrator with system responsibility and lead system integrator without system responsibility.

(2) Lead system integrator with system responsibility means a prime contractor for the development or production of a major system, if the prime contractor is not expected at the time of award to perform a substantial portion of the work on the system and the major subsystems.

(3) Lead system integrator without system responsibility means a prime contractor under a contract for the procurement of services, the primary purpose of which is to perform acquisition functions closely associated with inherently governmental functions (see section 7.503(d) of the Federal Acquisition Regulation) with respect to the development or production of a major system.

(b) Limitations. The Contracting Officer has determined that the Contractor meets the definition of lead system integrator with [ ] without [ ] system responsibility. Unless an exception is granted, the Contractor shall not have any direct financial interest in the development or construction of any individual system or element of any system of systems while performing lead system integrator functions in the acquisition of a major system by the Department of Defense under this contract.

(c) Agreement. The Contractor agrees that during performance of this contract it will not acquire any direct financial interest as described in paragraph (b) of this clause, or, if it does acquire or plan to acquire such interest, it will immediately notify the Contracting Officer. The Contractor further agrees to provide to the Contracting Officer all relevant information regarding the change in financial interests so that the Contracting Officer can determine whether an exception applies or whether the Contractor will be allowed to continue performance on this contract. If a direct financial interest cannot be avoided, eliminated, or mitigated to the Contracting Officer's satisfaction, the Contracting Officer may terminate this contract for default for the Contractor's material failure to comply with the terms and conditions of award or may take other remedial measures as appropriate in the Contracting Officer's sole discretion.

(d) Notwithstanding any other clause of this contract, if the Contracting Officer determines that the Contractor misrepresented its financial interests at the time of award or has violated the agreement in paragraph (c) of this clause, the Government may terminate this contract for default for the Contractor's material failure to comply with the terms and conditions of award or may take other remedial measures as appropriate in the Contracting Officer's sole discretion.

(e) This clause implements the requirements of10 U.S.C. 4292.

(End of clause)

§ 252.209-7008252.209-7008 Notice of Prohibition Relating to Organizational Conflict of Interest—Major Defense Acquisition Program.

As prescribed in 209.571-8(a), use the following provision:

Notice of Prohibition Relating to Organizational Conflict of Interest—Major Defense Acquisition Program (DEC 2010)

(a) Definitions. “Major subcontractor” is defined in the clause at 252.209-7009, Organizational Conflict of Interest—Major Defense Acquisition Program.

(b) This solicitation is for the performance of systems engineering and technical assistance for a major defense acquisition program or a pre-major defense acquisition program.

(c) Prohibition. As required by paragraph (b)(3) of section 207 of the Weapons System Acquisition Reform Act of 2009 (Pub. L. 111-23), if awarded the contract, the contractor or any affiliate of the contractor is prohibited from participating as a prime contractor or a major subcontractor in the development or production of a weapon system under the major defense acquisition program or pre-major defense acquisition program, unless the offeror submits, and the Government approves, an Organizational Conflict of Interest Mitigation Plan.

(d) Request for an exception. If the offeror requests an exception to the prohibition of paragraph (c) of this provision, then the offeror shall submit an Organizational Conflict of Interest Mitigation Plan with its offer for evaluation.

(e) Incorporation of Organizational Conflict of Interest Mitigation Plan in contract. If the apparently successful offeror submitted an acceptable Organizational Conflict of Interest Mitigation Plan, and the head of the contracting activity determines that DoD needs the domain experience and expertise of the highly qualified, apparently successful offeror in accordance with FAR 209.571-7(c), then the Contracting Officer will incorporate the Organizational Conflict of Interest Mitigation Plan into the resultant contract, and paragraph (d) of the clause at 252.209-7009 will become applicable.

(End of provision)

§ 252.209-7009252.209-7009 Organizational Conflict of Interest—Major Defense Acquisition Program.

As prescribed in 209.571-8(b), use the following clause:

Organizational Conflict of Interest—Major Defense Acquisition Program (MAY 2019)

(a) Definition. As used in this clause—

Major subcontractor means a subcontractor that is awarded a subcontract that equals or exceeds—

(1) Both the certified cost or pricing data threshold and 10 percent of the value of the contract under which the subcontract is awarded; or

(2) The threshold specified in the definition of “major subcontractor” at Defense Federal Acquisition Regulation Supplement 209.571-1 on the date of subcontract award.

(b) This contract is for the performance of systems engineering and technical assistance for a major defense acquisition program or a pre-major defense acquisition program.

(c) Prohibition. Except as provided in paragraph (d) of this clause, as required by paragraph (b)(3) of section 207 of the Weapons System Acquisition Reform Act of 2009 (Pub. L. 111-23), the Contractor or any affiliate of the Contractor is prohibited from participating as a prime contractor or major subcontractor in the development or production of a weapon system under the major defense acquisition program or pre-major defense acquisition program.

(d) Organizational Conflict of Interest Mitigation Plan. If the Contractor submitted an acceptable Organizational Conflict of Interest Mitigation Plan that has been incorporated into this contract, then the prohibition in paragraph (c) of this clause does not apply. The Contractor shall comply with the Organizational Conflict of Interest Mitigation Plan. Compliance with the Organizational Conflict of Interest Mitigation Plan is a material requirement of the contract. Failure to comply may result in the Contractor or any affiliate of the Contractor being prohibited from participating as a contractor or major subcontractor in the development or production of a weapon system under the program, in addition to any other remedies available to the Government for noncompliance with a material requirement of a contract.

(End of clause)

§ 252.209-7010252.209-7010 Critical Safety Items.

As prescribed in 209.270-5, use the following clause:

Critical Safety Items (AUG 2011)

(a) Definitions.

Aviation critical safety item means a part, an assembly, installation equipment, launch equipment, recovery equipment, or support equipment for an aircraft or aviation weapon system if the part, assembly, or equipment contains a characteristic any failure, malfunction, or absence of which could cause—

(i) A catastrophic or critical failure resulting in the loss of, or serious damage to, the aircraft or weapon system;

(ii) An unacceptable risk of personal injury or loss of life; or

(iii) An uncommanded engine shutdown that jeopardizes safety.

Design control activity. (i) With respect to an aviation critical safety item, means the systems command of a military department that is specifically responsible for ensuring the airworthiness of an aviation system or equipment, in which an aviation critical safety item is to be used; and

(ii) With respect to a ship critical safety item, means the systems command of a military department that is specifically responsible for ensuring the seaworthiness of a ship or ship equipment, in which a ship critical safety item is to be used.

Ship critical safety item means any ship part, assembly, or support equipment containing a characteristic, the failure, malfunction, or absence of which could cause—

(i) A catastrophic or critical failure resulting in loss of, or serious damage to, the ship; or

(ii) An unacceptable risk of personal injury or loss of life.

(b) Identification of critical safety items. One or more of the items being procured under this contract is an aviation or ship critical safety item. The following items have been designated aviation critical safety items or ship critical safety items by the designated design control activity:

( Insert additional lines as necessary )

(c) Heightened quality assurance surveillance. Items designated in paragraph (b) of this clause are subject to heightened, risk-based surveillance by the designated quality assurance representative.

(End of clause)

§ 252.209-7011252.209-7011 Representation for Restriction on the Use of Certain Institutions of Higher Education.

As prescribed in 209.170-4, use the following provision:

Representation For Restriction On The Use Of Certain Institutions Of Higher Education (AUG 2025)

(a) Definitions. As used in this provision—

Confucius Institute means—

(1) Any program that receives funding or support from—

(i) The Chinese International Education Foundation; or

(ii) The Center for Language Exchange Cooperation of the Ministry of Education of the People's Republic of China; or

(2) Any cultural institute directly or indirectly funded by the government of the People's Republic of China.

Institution of higher education has the meaning given in 20 U.S.C. 1002.

(b) Restriction. As required by section 1062 of the National Defense Authorization Act for Fiscal Year 2021 (Pub. L. 116-283), DoD may not award a contract with any institution of higher education that hosts a Confucius Institute. Section 1062 prohibits DoD from providing funding to any U.S. institution of higher education hosting a Confucius Institute unless that institution receives a waiver from the Department of Defense Office of the Under Secretary of Defense for Research and Engineering (OUSD(R&E)). The waiver authority terminates on October 1, 2026. Any waiver issued will not apply on or after that date. See the OUSD(R&E) Confucius Institute Waiver Program Guidance to U.S. Institutions of Higher Education at https://rt.cto.mil/wp-content/uploads/Confucius-Institute-Waiver-Program-Guidance-28Mar2023.pdf.

(c) Representation. By submission of an offer, the Offeror represents that—

(1) It is not an institution of higher education that hosts a Confucius Institute; or

(2) The Offeror has obtained a waiver approved by OUSD(R&E).

(End of provision)

§ 252.209-7012252.209-7012 Prohibition Relating to Conflicts of Interest in Consulting Services—Certification.

As prescribed in 209.572(e), use the following provision:

Prohibition Relating to Conflicts of Interest in Consulting Services—Certification (Oct 2025)

(a) Definitions. As used in this provision—

Consulting services means advisory and assistance services, except that “consulting services” does not include the provision of products or services related to—

(1) Compliance with legal, audit, accounting, tax, reporting, or other requirements of the laws and standards of countries; or

(2) Participation in a judicial, legal, or equitable dispute resolution proceeding.

Contract oversight entity means any of the following:

(1) The Contracting Officer.

(2) The Contracting Officer's Representative.

(3) The Defense Contract Management Agency.

(4) The Defense Contract Audit Agency.

(5) The DoD Office of Inspector General or any subcomponent of that office.

(6) The Government Accountability Office.

Covered contract means a DoD contract involving consulting services.

Covered foreign entity means any of the following:

(1) The government of the People's Republic of China, the Chinese Communist Party, the People's Liberation Army, the Ministry of State Security, or other security service or intelligence agency of the People's Republic of China.

(2) The government of the Russian Federation or any entity sanctioned by the Secretary of the Treasury under Executive Order 13662, Blocking Property of Additional Persons Contributing to the Situation in Ukraine.

(3) The government of any country, if the Secretary of State determines that such government has repeatedly provided support for acts of international terrorism, pursuant to any of the following:

(i) Section 1754(c)(1)(A) of the Export Control Reform Act of 2018 (50 U.S.C. 4318(c)(1)(A)).

(ii) Section 620A of the Foreign Assistance Act of 1961 (22 U.S.C. 2371).

(iii) Section 40 of the Arms Export Control Act (22 U.S.C. 2780).

(iv) Any other provision of law.

(4) Any entity included on any of the following lists maintained by the Department of Commerce (see the Export Administration Regulations at 15 CFR subchapter C):

(i) The Entity List in supplement no. 4 to 15 CFR part 744.

(ii) The Denied Persons List as described in 15 CFR 764.3(a)(2).

(iii) The Unverified List in supplement no. 6 to 15 CFR part 744.

(iv) The Military End User List in supplement no. 7 to 15 CFR part 744.

(5) Any entity identified by the Secretary of Defense pursuant to section 1237(b) of the National Defense Authorization Act for Fiscal Year 1999 (Pub. L. 105-261; 50 U.S.C. 1701 note).

(6) Any entity on the Non-Specially Designated Nationals Chinese Military-Industrial Complex Companies List maintained by the Office of Foreign Assets Control of the Department of the Treasury under Executive Order 14032, Addressing the Threat From Securities Investments That Finance Certain Companies of the People's Republic of China.

(b) Prohibition. DoD cannot award to the Offeror a contract assigned a North American Industry Classification System code beginning with 5416 if the Offeror—

(1) Cannot certify that neither the Offeror nor any of its subsidiaries or affiliates hold a contract or subcontract that involves consulting services with one or more covered foreign entities; and

(2) Does not maintain a conflict-of-interest mitigation plan as described in paragraph (d) of this provision.

(c) Certification. The Offeror certifies that—

(1)(i) It does [ ] does not [ ] hold a contract or subcontract that involves consulting services with one or more covered foreign entities; and

(ii) Its subsidiaries or affiliates do [ ] do not [ ] hold a contract or subcontract that involves consulting services with one or more covered foreign entities; and

(2) It does [ ] does not [ ] maintain a conflict-of-interest mitigation plan described in paragraph (d) of this provision.

(d) Conflict-of-interest mitigation plan. If the Offeror answered in the affirmative in paragraphs (c)(1) and (2) of this provision, then the Offeror shall submit its conflict-of-interest mitigation plan to the Contracting Officer for approval. The Offeror may contact the Contracting Officer for guidance on submitting the Offeror's conflict-of-interest mitigation plan.

(1) The Offeror's conflict-of-interest mitigation plan shall be auditable by a contract oversight entity and shall include—

(i) An identification, unless otherwise prohibited by law or regulation, of any covered contracts of the Offeror or its subsidiaries or affiliates with a covered foreign entity. If the Offeror is unable to identify one or more covered foreign entities due to confidentiality obligations, the Offeror shall identify such entities as a covered foreign entity;

(ii) A written analysis, including a course of action for avoiding, neutralizing, or mitigating the actual or potential conflict of interest of such a covered contract;

(iii) A description of the procedures by which the Offeror or its subsidiaries or affiliates will ensure that individuals who will perform the scope of a covered contract will not, for the duration of such contract, also provide any consulting services to any covered foreign entity; and

(iv) A description of the procedures by which the Offeror or its subsidiaries or affiliates will submit to the contract oversight entities a notice of an unmitigated conflict of interest with respect to a covered contract within 15 days of determining that such a conflict has arisen.

(2) The Contracting Officer will incorporate the Offeror's approved conflict-of-interest mitigation plan into any contract awarded to the Offeror resulting from this solicitation.

(End of provision)

§ 252.211-7002252.211-7002 Availability for examination of specifications, standards, plans, drawings, data item descriptions, and other pertinent documents.

As prescribed in 211.204(c), use the following provision:

Availability for Examination of Specifications, Standards, Plans, Drawings, Data Item Descriptions, and Other Pertinent Documents (DEC 1991)

The specifications, standards, plans, drawings, data item descriptions, and other pertinent documents cited in this solicitation are not available for distribution but may be examined at the following location:

(Insert complete address)

(End of provision)

§ 252.211-7003252.211-7003 Item Unique Identification and Valuation.

As prescribed in 211.274-5(a), use the following clause:

Item Unique Identification and Valuation (JAN 2023)

(a) Definitions. As used in this clause—

Automatic identification device means a device, such as a reader or interrogator, used to retrieve data encoded on machine-readable media.

Concatenated unique item identifier means—

(1) For items that are serialized within the enterprise identifier, the linking together of the unique identifier data elements in order of the issuing agency code, enterprise identifier, and unique serial number within the enterprise identifier; or

(2) For items that are serialized within the original part, lot, or batch number, the linking together of the unique identifier data elements in order of the issuing agency code; enterprise identifier; original part, lot, or batch number; and serial number within the original part, lot, or batch number.

Data matrix means a two-dimensional matrix symbology, which is made up of square or, in some cases, round modules arranged within a perimeter finder pattern and uses the Error Checking and Correction 200 (ECC200) specification found within International Standards Organization (ISO)/International Electrotechnical Commission (IEC) 16022.

Data qualifier means a specified character (or string of characters) that immediately precedes a data field that defines the general category or intended use of the data that follows.

DoD recognized unique identification equivalent means a unique identification method that is in commercial use and has been recognized by DoD. All DoD recognized unique identification equivalents are listed at https://www.acq.osd.mil/asda/dpc/ce/ds/unique-id.html.

DoD item unique identification means a system of marking items delivered to DoD with unique item identifiers that have machine-readable data elements to distinguish an item from all other like and unlike items. For items that are serialized within the enterprise identifier, the unique item identifier shall include the data elements of the enterprise identifier and a unique serial number. For items that are serialized within the part, lot, or batch number within the enterprise identifier, the unique item identifier shall include the data elements of the enterprise identifier; the original part, lot, or batch number; and the serial number.

Enterprise means the entity ( e.g. , a manufacturer or vendor) responsible for assigning unique item identifiers to items.

Enterprise identifier means a code that is uniquely assigned to an enterprise by an issuing agency.

Government's unit acquisition cost means—

(1) For fixed-price type line, subline, or exhibit line items, the unit price identified in the contract at the time of delivery;

(2) For cost-type or undefinitized line, subline, or exhibit line items, the Contractor's estimated fully burdened unit cost to the Government at the time of delivery; and

(3) For items produced under a time-and-materials contract, the Contractor's estimated fully burdened unit cost to the Government at the time of delivery.

Issuing agency means an organization responsible for assigning a globally unique identifier to an enterprise, as indicated in the Register of Issuing Agency Codes for ISO/IEC 15459, located at http://www.aimglobal.org/?Reg_Authority15459.

Issuing agency code means a code that designates the registration (or controlling) authority for the enterprise identifier.

Item means a single hardware article or a single unit formed by a grouping of subassemblies, components, or constituent parts.

Lot or batch number means an identifying number assigned by the enterprise to a designated group of items, usually referred to as either a lot or a batch, all of which were manufactured under identical conditions.

Machine-readable means an automatic identification technology media, such as bar codes, contact memory buttons, radio frequency identification, or optical memory cards.

Original part number means a combination of numbers or letters assigned by the enterprise at item creation to a class of items with the same form, fit, function, and interface.

Parent item means the item assembly, intermediate component, or subassembly that has an embedded item with a unique item identifier or DoD recognized unique identification equivalent.

Serial number within the enterprise identifier means a combination of numbers, letters, or symbols assigned by the enterprise to an item that provides for the differentiation of that item from any other like and unlike item and is never used again within the enterprise.

Serial number within the part, lot, or batch number means a combination of numbers or letters assigned by the enterprise to an item that provides for the differentiation of that item from any other like item within a part, lot, or batch number assignment.

Serialization within the enterprise identifier means each item produced is assigned a serial number that is unique among all the tangible items produced by the enterprise and is never used again. The enterprise is responsible for ensuring unique serialization within the enterprise identifier.

Serialization within the part, lot, or batch number means each item of a particular part, lot, or batch number is assigned a unique serial number within that part, lot, or batch number assignment. The enterprise is responsible for ensuring unique serialization within the part, lot, or batch number within the enterprise identifier.

Type designation means a combination of letters and numerals assigned by the Government to a major end item, assembly or subassembly, as appropriate, to provide a convenient means of differentiating between items having the same basic name and to indicate modifications and changes thereto.

Unique item identifier means a set of data elements marked on items that is globally unique and unambiguous. The term includes a concatenated unique item identifier or a DoD recognized unique identification equivalent.

Unique item identifier type means a designator to indicate which method of uniquely identifying a part has been used. The current list of accepted unique item identifier types is maintained at https://www.acq.osd.mil/asda/dpc/ce/ds/unique-id.html .

(b) The Contractor shall deliver all items under a contract line, subline, or exhibit line item.

(c) Unique item identifier. (1) The Contractor shall provide a unique item identifier for the following:

(i) Delivered items for which the Government's unit acquisition cost is $5,000 or more, except for the following line items:

Contract line, subline, or exhibit line item No.

Item description

(ii) Items for which the Government's unit acquisition cost is less than $5,000 that are identified in the Schedule or the following table:

Contract line, subline, or exhibit line item No.

Item description

( If items are identified in the Schedule, insert “See Schedule” in this table. )

(iii) Subassemblies, components, and parts embedded within delivered items, items with warranty requirements, DoD serially managed reparables and DoD serially managed nonreparables as specified in Attachment Number ____.

(iv) Any item of special tooling or special test equipment as defined in FAR 2.101 that have been designated for preservation and storage for a Major Defense Acquisition Program as specified in Attachment Number ____.

(v) Any item not included in paragraphs (c)(1)(i), (ii), (iii), or (iv) of this clause for which the contractor creates and marks a unique item identifier for traceability.

(2) The unique item identifier assignment and its component data element combination shall not be duplicated on any other item marked or registered in the DoD Item Unique Identification Registry by the contractor.

(3) The unique item identifier component data elements shall be marked on an item using two dimensional data matrix symbology that complies with ISO/IEC International Standard 16022, Information technology—International symbology specification—Data matrix; ECC200 data matrix specification.

(4) Data syntax and semantics of unique item identifiers. The Contractor shall ensure that—

(i) The data elements (except issuing agency code) of the unique item identifier are encoded within the data matrix symbol that is marked on the item using one of the following three types of data qualifiers, as determined by the Contractor:

(A) Application Identifiers (AIs) (Format Indicator 05 of ISO/IEC International Standard 15434), in accordance with ISO/IEC International Standard 15418, Information Technology—EAN/UCC Application Identifiers and Fact Data Identifiers and Maintenance and ANSI MH 10.8.2 Data Identifier and Application Identifier Standard.

(B) Data Identifiers (DIs) (Format Indicator 06 of ISO/IEC International Standard 15434), in accordance with ISO/IEC International Standard 15418, Information Technology—EAN/UCC Application Identifiers and Fact Data Identifiers and Maintenance and ANSI MH 10.8.2 Data Identifier and Application Identifier Standard.

(C) Text Element Identifiers (TEIs) (Format Indicator 12 of ISO/IEC International Standard 15434), in accordance with the Air Transport Association Common Support Data Dictionary; and

(ii) The encoded data elements of the unique item identifier conform to the transfer structure, syntax, and coding of messages and data formats specified for Format Indicators 05, 06, and 12 in ISO/IEC International Standard 15434, Information Technology-Transfer Syntax for High Capacity Automatic Data Capture Media.

(5) Unique item identifier.

(i) The Contractor shall—

(A) Determine whether to—

( 1 ) Serialize within the enterprise identifier;

( 2 ) Serialize within the part, lot, or batch number; or

( 3 ) Use a DoD recognized unique identification equivalent (e.g. Vehicle Identification Number); and

(B) Place the data elements of the unique item identifier (enterprise identifier; serial number; DoD recognized unique identification equivalent; and for serialization within the part, lot, or batch number only: Original part, lot, or batch number) on items requiring marking by paragraph (c)(1) of this clause, based on the criteria provided in MIL-STD-130, Identification Marking of U.S. Military Property, latest version;

(C) Label shipments, storage containers and packages that contain uniquely identified items in accordance with the requirements of MIL-STD-129, Military Marking for Shipment and Storage, latest version; and

(D) Verify that the marks on items and labels on shipments, storage containers, and packages are machine readable and conform to the applicable standards. The contractor shall use an automatic identification technology device for this verification that has been programmed to the requirements of Appendix A, MIL-STD-130, latest version.

(ii) The issuing agency code—

(A) Shall not be placed on the item; and

(B) Shall be derived from the data qualifier for the enterprise identifier.

(d) For each item that requires item unique identification under paragraph (c)(1)(i), (ii), or (iv) of this clause or when item unique identification is provided under paragraph (c)(1)(v), in addition to the information provided as part of the Material Inspection and Receiving Report specified elsewhere in this contract, the Contractor shall report at the time of delivery, as part of the Material Inspection and Receiving Report, the following information:

(1) Unique item identifier.

(2) Unique item identifier type.

(3) Issuing agency code (if concatenated unique item identifier is used).

(4) Enterprise identifier (if concatenated unique item identifier is used).

(5) Original part number (if there is serialization within the original part number).

(6) Lot or batch number (if there is serialization within the lot or batch number).

(7) Current part number (optional and only if not the same as the original part number).

(8) Current part number effective date (optional and only if current part number is used).

(9) Serial number (if concatenated unique item identifier is used).

(10) Government's unit acquisition cost.

(11) Unit of measure.

(12) Type designation of the item as specified in the contract schedule, if any.

(13) Whether the item is an item of Special Tooling or Special Test Equipment.

(14) Whether the item is covered by a warranty.

(e) For embedded subassemblies, components, and parts that require DoD item unique identification under paragraph (c)(1)(iii) of this clause or when item unique identification is provided under paragraph (c)(1)(v), the Contractor shall report as part of the Material Inspection and Receiving Report specified elsewhere in this contract, the following information:

(1) Unique item identifier of the parent item under paragraph (c)(1) of this clause that contains the embedded subassembly, component, or part.

(2) Unique item identifier of the embedded subassembly, component, or part.

(3) Unique item identifier type.**

(4) Issuing agency code (if concatenated unique item identifier is used).**

(5) Enterprise identifier (if concatenated unique item identifier is used).**

(6) Original part number (if there is serialization within the original part number).**

(7) Lot or batch number (if there is serialization within the lot or batch number).**

(8) Current part number (optional and only if not the same as the original part number).**

(9) Current part number effective date (optional and only if current part number is used).**

(10) Serial number (if concatenated unique item identifier is used).**

(11) Description.

** Once per item.

(f) The Contractor shall submit the information required by paragraphs (d) and (e) of this clause as follows:

(1) End items shall be reported using the receiving report capability in Wide Area WorkFlow (WAWF) in accordance with the clause at 252.232-7003. If WAWF is not required by this contract, and the contractor is not using WAWF, follow the procedures at http://dodprocurementtoolbox.com/site/uidregistry/.

(2) Embedded items shall be reported by one of the following methods—

(i) Use of the embedded items capability in WAWF;

(ii) Direct data submission to the IUID Registry following the procedures and formats at http://dodprocurementtoolbox.com/site/uidregistry/; or

(iii) Via WAWF as a deliverable attachment for exhibit line item number ( fill in ) ____, Unique Item Identifier Report for Embedded Items, Contract Data Requirements List, DD Form 1423.

(g) Subcontracts. If the Contractor acquires by subcontract any item(s) for which item unique identification is required in accordance with paragraph (c)(1) of this clause, the Contractor shall include this clause, including this paragraph (g), in the applicable subcontract(s), including subcontracts for commercial products or commercial services.

(End of clause)

§ 252.211-7008252.211-7008 Use of Government-assigned Serial Numbers.

As prescribed in 211.274-5(b), use the following clause:

Use of Government-assigned Serial Numbers (SEP 2010)

(a) Definitions. As used in this clause—

Government-assigned serial number means a combination of letters or numerals in a fixed human-readable information format (text) conveying information about a major end item, which is provided to a contractor by the requiring activity with accompanying technical data instructions for marking the Government-assigned serial number on major end items to be delivered to the Government.

Major end item means a final combination of component parts and/or materials which is ready for its intended use and of such importance to operational readiness that review and control of inventory management functions (procurement, distribution, maintenance, disposal, and asset reporting) is required at all levels of life cycle management. Major end items include aircraft; ships; boats; motorized wheeled, tracked, and towed vehicles for use on highway or rough terrain; weapon and missile end items; ammunition; and sets, assemblies, or end items having a major end item as a component.

Unique item identifier (UII) means a set of data elements permanently marked on an item that is globally unique and unambiguous and never changes in order to provide traceability of the item throughout its total life cycle. The term includes a concatenated UII or a DoD-recognized unique identification equivalent.

(b) The Contractor shall mark the Government-assigned serial numbers on those major end items as specified by line item in the Schedule, in accordance with the technical instructions for the placement and method of application identified in the terms and conditions of the contract.

(c) The Contractor shall register the Government-assigned serial number along with the major end item's UII at the time of delivery in accordance with the provisions of the clause at DFARS 252.211-7003(d).

(d) The Contractor shall establish the UII for major end items for use throughout the life of the major end item. The Contractor may elect, but is not required, to use the Government-assigned serial number to construct the UII.

(End of clause)

§ 252.215-7002252.215-7002 Cost Estimating System Requirements.

As prescribed in 215.408(1), use the following clause:

Cost Estimating System Requirements (Jan 2025)

(a) Definitions.

Acceptable estimating system means an estimating system that complies with the system criteria in paragraph (d) of this clause, and provides for a system that—

(1) Is maintained, reliable, and consistently applied;

(2) Produces verifiable, supportable, documented, and timely cost estimates that are an acceptable basis for negotiation of fair and reasonable prices;

(3) Is consistent with and integrated with the Contractor's related management systems; and

(4) Is subject to applicable financial control systems.

Estimating system means the Contractor's policies, procedures, and practices for budgeting and planning controls, and generating estimates of costs and other data included in proposals submitted to customers in the expectation of receiving contract awards. Estimating system includes the Contractor's—

(1) Organizational structure;

(2) Established lines of authority, duties, and responsibilities;

(3) Internal controls and managerial reviews;

(4) Flow of work, coordination, and communication; and

(5) Budgeting, planning, estimating methods, techniques, accumulation of historical costs, and other analyses used to generate cost estimates.

Material weakness means a deficiency or combination of deficiencies in the internal control over information in contractor business systems, such that there is a reasonable possibility that a material misstatement of such information will not be prevented, or detected and corrected, on a timely basis. A reasonable possibility exists when the likelihood of an event occurring is—

(1) Probable; or

(2) More than remote but less than likely (section 806 of Pub. L. 116-283).

(b) General. The Contractor shall establish, maintain, and comply with an acceptable estimating system.

(c) Applicability. Paragraphs (d) and (e) of this clause apply if the Contractor is a large business and either—

(1) In its fiscal year preceding award of this contract, received Department of Defense (DoD) prime contracts or subcontracts, totaling $50 million or more for which certified cost or pricing data were required; or

(2) In its fiscal year preceding award of this contract—

(i) Received DoD prime contracts or subcontracts totaling $10 million or more (but less than $50 million) for which certified cost or pricing data were required; and

(ii) Was notified, in writing, by the Contracting Officer that paragraphs (d) and (e) of this clause apply.

(d) System requirements. (1) The Contractor shall disclose its estimating system to the Administrative Contracting Officer (ACO), in writing. If the Contractor wishes the Government to protect the data and information as privileged or confidential, the Contractor must mark the documents with the appropriate legends before submission.

(2) An estimating system disclosure is acceptable when the Contractor has provided the ACO with documentation that—

(i) Accurately describes those policies, procedures, and practices that the Contractor currently uses in preparing cost proposals; and

(ii) Provides sufficient detail for the Government to reasonably make an informed judgment regarding the acceptability of the Contractor's estimating practices.

(3) The Contractor shall—

(i) Comply with its disclosed estimating system; and

(ii) Disclose significant changes to the cost estimating system to the ACO on a timely basis.

(4) The Contractor's estimating system shall provide for the use of appropriate source data, utilize sound estimating techniques and good judgment, maintain a consistent approach, and adhere to established policies and procedures. An acceptable estimating system shall accomplish the following functions:

(i) Establish clear responsibility for preparation, review, and approval of cost estimates and budgets.

(ii) Provide a written description of the organization and duties of the personnel responsible for preparing, reviewing, and approving cost estimates and budgets.

(iii) Ensure that relevant personnel have sufficient training, experience, and guidance to perform estimating and budgeting tasks in accordance with the Contractor's established procedures.

(iv) Identify and document the sources of data and the estimating methods and rationale used in developing cost estimates and budgets.

(v) Provide for adequate supervision throughout the estimating and budgeting process.

(vi) Provide for consistent application of estimating and budgeting techniques.

(vii) Provide for detection and timely correction of errors.

(viii) Protect against cost duplication and omissions.

(ix) Provide for the use of historical experience, including historical vendor pricing data, where appropriate.

(x) Require use of appropriate analytical methods.

(xi) Integrate data and information available from other management systems.

(xii) Require management review, including verification of compliance with the company's estimating and budgeting policies, procedures, and practices.

(xiii) Provide for internal review of, and accountability for, the acceptability of the estimating system, including the budgetary data supporting indirect cost estimates and comparisons of projected results to actual results, and an analysis of any differences.

(xiv) Provide procedures to update cost estimates and notify the Contracting Officer in a timely manner throughout the negotiation process.

(xv) Provide procedures that ensure subcontract prices are reasonable based on a documented review and analysis provided with the prime proposal, when practicable.

(xvi) Provide estimating and budgeting practices that consistently generate sound proposals that are compliant with the provisions of the solicitation and are adequate to serve as a basis to reach a fair and reasonable price.

(xvii) Have an adequate system description, including policies, procedures, and estimating and budgeting practices, that comply with the Federal Acquisition Regulation and Defense Federal Acquisition Regulation Supplement.

(e) Material weaknesses. (1) The Contracting Officer will provide an initial determination to the Contractor, in writing, of any material weaknesses. The initial determination will describe the underlying deficiency in sufficient detail to allow the Contractor to understand the weakness or deficiency.

(2) The Contractor shall respond within 30 days to a written initial determination from the Contracting Officer that identifies material weaknesses in the Contractor's estimating system. If the Contractor disagrees with the initial determination, the Contractor shall state, in writing, its rationale for disagreeing.

(3) The Contracting Officer will evaluate the Contractor's response and notify the Contractor, in writing, of the Contracting Officer's final determination concerning—

(i) Remaining material weaknesses;

(ii) The adequacy of any proposed or completed corrective action; and

(iii) System disapproval, if the Contracting Officer determines that one or more material weaknesses remain.

(f) If the Contractor receives the Contracting Officer's final determination of material weaknesses, the Contractor shall, within 45 days of receipt of the final determination, either correct the material weaknesses or submit an acceptable corrective action plan showing milestones and actions to eliminate the material weaknesses.

(g) Withholding payments. If the Contracting Officer makes a final determination to disapprove the Contractor's estimating system, and the contract includes the clause at 252.242-7005, Contractor Business Systems, the Contracting Officer will withhold payments in accordance with that clause.

(End of clause)

§ 252.215-7003252.215-7003 Requirement for Submission of Data Other Than Certified Cost or Pricing Data—Canadian Commercial Corporation.

As prescribed at 215.408(2)(i), use the following provision:

Requirement for Submission of Data Other Than Certified Cost or Pricing Data—Canadian Commercial Corporation (JUL 2012)

(a) Submission of certified cost or pricing data is not required.

(b) Canadian Commercial Corporation shall obtain and provide the following:

(i) Profit rate or fee (as applicable).

(ii) Analysis provided by Public Works and Government Services Canada to the Canadian Commercial Corporation to determine a fair and reasonable price (comparable to the analysis required at FAR 15.404-1).

(iii) Data other than certified cost or pricing data necessary to permit a determination by the U.S. Contracting Officer that the proposed price is fair and reasonable [ U.S. Contracting Officer to insert description of the data required in accordance with FAR 15.403-3(a)(1) ].

(c) As specified in FAR 15.403-3(a)(4), an offeror who does not comply with a requirement to submit data that the U.S. Contracting Officer has deemed necessary to determine price reasonableness or cost realism is ineligible for award unless the head of the contracting activity determines that it is in the best interest of the Government to make the award to that offeror.

(End of provision)

§ 252.215-7004252.215-7004 Requirement for Submission of Data Other Than Certified Cost or Pricing Data—Modifications-Canadian Commercial Corporation.

As prescribed at 215.408(2)(ii), use the following clause:

Requirement for Submission of Data Other Than Certified Cost or Pricing Data—Modifications—Canadian Commercial Corporation (OCT 2013)

This clause, in lieu of FAR 52.215-21, applies only if award is to the Canadian Commercial Corporation.

(a) Submission of certified cost or pricing data is not required.

(b) Canadian Commercial Corporation shall obtain and provide the following for modifications that exceed $150,000 [ or higher dollar value specified by the U.S. Contracting Officer in the solicitation ].

(i) Profit rate or fee (as applicable).

(ii) Analysis provided by Public Works and Government Services Canada to the Canadian Commercial Corporation to determine a fair and reasonable price (comparable to the analysis required at FAR 15.404-1).

(iii) Data other than certified cost or pricing data necessary to permit a determination by the U.S. Contracting Officer that the proposed price is fair and reasonable [ U.S. Contracting Officer to insert description of the data required in accordance with FAR 15.403-3(a)(1) ].

(End of clause)

§ 252.215-7006252.215-7006 Use of Employees or Individual Subcontractors Who Are Members of the Selected Reserve.

As prescribed in 215.370-3, use the following clause:

Use of Employees or Individual Subcontractors Who Are Members of the Selected Reserve (MAR 2022)

(a) Definition. As used in this clause—

Selected Reserve has the meaning given that term in 10 U.S.C. 10143. Selected Reserve members normally attend regular drills throughout the year and are the group of Reserves most readily available to the President.

(b) If the Contractor stated in its offer that it intends to use members of the Selected Reserve in the performance of this contract—

(1) The Contractor shall use employees, or individual subcontractors, who are members of the Selected Reserve in the performance of the contract to the fullest extent consistent with efficient contract performance; and

(2) The Government has the right to terminate the contract for default if the Contractor willfully or intentionally fails to use members of the Selected Reserve, as employees or individual subcontractors, in the performance of the contract.

(End of clause)

348 sections

Cite this law

SOLICITATION PROVISIONS AND CONTRACT CLAUSES (U.S.C.). Retrieved via LawPlayer, https://lawplayer.com/us/act/cfr-title-48-part-252

United States government works (U.S. Code, Code of Federal Regulations) are in the public domain under 17 U.S.C. § 105.

US-Gov-PublicDomain

本頁資料來源:GPO govinfo / eCFR·整理提供:法律人 LawPlayer· lawplayer.com