Skip Ribbon Commands
Skip to main content
 
      

What is New?

  
  
  
  
Event6/22/2020 1:05 PM
  
  
  
  
  
5-Safeguarding CDI - June 2019.pptx
  
Report7/10/2019 10:21 AM
DFARS CDI Def and Terminology - June 2019 DAU Webinar.pdf
  
Learning Material7/10/2019 10:21 AM
7-DevSecOps_Transformation_Agile-in-Gov_sbrady_DAY OF CYBER_2.pptx
  
Report6/28/2019 12:42 PM
4-Shanahan Day of Cyber (Final).pptx
  
Report6/28/2019 12:40 PM
3-CYBER Threat - DARK APS.pptx
  
Report6/28/2019 12:39 PM
2-Ragsdale_DAU_v7_withoutBackups.pptx
  
Report6/28/2019 12:38 PM
DAU_Calloni_RMF_Weapon_Systems-2019-03-20.pdf
  
Learning Material5/16/2019 6:28 PM
Jordan Jaimie DAU Focus Event 2019.pptx
  
Learning Material5/13/2019 5:30 PM
Mid_Atlantic May 2019 DFARS CDI Overview.pptx
  
Learning Material5/13/2019 5:25 PM
DAU-Cyber-Acq-Focus-SwA-Hurt-14May2019-vF.pptx
  
Learning Material5/13/2019 1:27 PM

 Featured Multi-Media

  
Picture Placeholder: STEPHEN MILLS
  • STEPHEN MILLS
32/27/2018 9:09 AM

​Does the RMF help in achieving Cyber Resiliency?

KEVIN WILLIAMS9/3/2020 5:35 PMNo
  
Picture Placeholder: rcshanah
  • rcshanah
07/29/2020 9:26 AM


On 20 July 2020, ​OUSD(R&E) issued a new instruction governing technology and program protection. DoDI 5000.83, "Technology and Program Protection to Maintain Technological Advantage." It is another in a series of functional area instructions that incorporates and replaces parts of DoDI 5000.02T.

This new instruction does the following:

  • "Establishes policy, assigns responsibilities, and provides procedures for science and technology (S&T) managers and engineers to manage system security and cybersecurity technical risks from foreign intelligence collection; hardware, software, cyber, and cyberspace vulnerabilities; supply chain exploitation; and reverse engineering to:
o DoD-sponsored research and technology that is in the interest of national security.
o DoD warfighting capabilities.
  • Assigns responsibilities and provides procedures for S&T managers and lead systems engineers for technology area protection plans (TAPPs), S&T protection, program protection plans (PPPs), and engineering cybersecurity activities."
This policy applies to both in-house S&T/R&D efforts and those out-sourced to government-affiliated organizations such as FFRDCs, industry, and academia.

The policy incorporates and cancels parts of DoDI 5000.02T Enclosures 3 and 13 governing program protection and cybersecurity. Tables 1 & 2 in the new instruction state specific sections of those enclosures that transferred over.

Training on this new policy will likely be incorporated into an existing or a new DAU Rapid Deployment Training package that will be given at a future DAU Webcast as part of the Adaptive Acquisition Framework series.


7/29/2020 9:26 AMNo
  
Picture Placeholder: CICCO DI
  • CICCO DI
05/20/2020 12:16 PM

​If the government requests this information as part of a forensic analysis as called out in DFARS 7012 paragraph (f), the contractor must in turn request this information from their CSP provider.

If not, then the contractor would be out of compliance with the DFARS clause. 

The only way I view that is one needs to have O365   Government Community Cloud High (GCC High) licenses.

Do all agree?  

Thank You

 Ralph


5/20/2020 12:16 PMNo
  
Picture Placeholder: STEPHANI HUNSINGER
  • STEPHANI HUNSINGER
23/23/2017 3:27 PM

​How do I transition from DIACAP to RMF?

LARKIN WALKER10/2/2017 8:38 AMNo
  
There are no items to show in this view of the "Related Websites" list.