Previous PageTable Of ContentsNext Page

DARS PART 39 -- ACQUISITION OF INFORMATION TECHNOLOGY



PART 39 -- ACQUISITION OF INFORMATION TECHNOLOGY

Table of Contents

SUBPART 39.1-GENERAL

39.002 Definitions

39.101 Policy

39.201 Scope of Subpart

SUBPART 39.71 – SECURITY AND PRIVACY FOR COMPUTER SYSTEMS

239.7102 Data Information Assurance Protection Policy

239.7103 Contract Clause

SUBPART 239.74-TELECOMMUNICATIONS SERVICES

239.7411 Contract Clauses.

PART 39 -- ACQUISITION OF INFORMATION TECHNOLOGY

39.002 Definitions.

(S-90) Information Technology (IT) Acquisition. Acquiring IT, including National Security System (NSS) IT, by any method including contract, grant, cooperative agreement, international agreement, interagency Economy Act orders (see DARS Subpart 17.5) or any "other transactions."

SUBPART 39.1—GENERAL

39.101 Policy.

(S-90) The CIO’s Memorandum, “Information Technology, Information Management, and Information Assurance Oversight Policies and Procedures for Acquisitions”, dated 01 May 2000 provides IT investment management and oversight guidance, specifically directed to DISA internal IT investments and their compliance with the Clinger-Cohen Act.

(S-91) Guidance from the “Acquisition of Services” Memorandum from the Under Secretary of Defense for Acquisition, Technology, and Logistics (USD (AT&L)), dated 31 May 2002, which established policy for service and IT acquisitions (has been incorporated into DoDI 5000.2, Operations of the Defense Acquisition System, 8 Dec 2008, see enclosure 8, Acquisition of Services: Under http://www.dtic.mil/whs/directives/corres/pdf/500002p.pdf this memorandum (i.e., Section 5.0 of the attachment), Assistant Secretary of Defense for Networks and Information Integration (ASD (NII)) reissued its 25 July 1997 memorandum, “Information Technology Investment Management Insight Policy for Acquisition,” which raised thresholds for reporting a proposed IT investment (excluding an IT investment exclusively supporting a Major Automated Information System (MAIS) Program or Major Defense Acquisition Program (MDAP)). The USD(AT&L) is responsible for reviewing, approving, and reporting service acquisitions. The ASD (NII) is responsible for reviewing and approving IT acquisitions subject to the re-established thresholds. The USD(AT&L) memorandum also referred to oversight responsibility by the Component Acquisition Executive (CAE). The full text of the memorandum can be viewed at the OSD Policy Archive for 2002, http://www.acq.osd.mil/dpap/. Related guidance is contained in DOD Directive 8115.1, Information Technology Portfolio Management Information, 10 October 2005 http://www.dtic.mil/whs/directives/corres/pdf/811501p.pdf .

39.2-ELECTRONIC AND INFORMATION TECHNOLOGY.

39.201 Scope of subpart.

(S-90) Section 508 Compliance. The DISA Section 508 Acquisition Policy may be accessed at

http://www.ditco.disa.mil/hq/section508/section508.asp .

239.71-SECURITY AND PRIVACY FOR COMPUTER SYSTEMS

239.7102 Policy and responsibilities.

(S-90) The requirements official, security official, and the Organization’s Information Assurance Manager (IAM), with the assistance of the contracting officer (CO), shall ensure that IA requirements are incorporated in work statements and specifications in accordance with DOD Instruction 8500.2, Information Assurance Implementation, and DOD Instruction 8580.1, Information Assurance (IA).

(S-91) DISA’s Strategic Planning Initiative’s Information Assurance Office (SI34) will ensure that IA awareness, training, and education are provided to all DISA military and civilian personnel commensurate with their respective responsibilities in accordance with DOD Directive, 8570.1-M, Information Assurance Training, Certification, and Workforce Management. SI34 is responsible for establishing and sustaining IA training, which can be accessed from http://iase.disa.mil. SI34 will provide separate notification on any supplemental IA training that will be provided.

239.7103 Contract clauses.

(b) Use the clause DARS 52.239-9001, Data Information Assurance Protection, in Section H of all solicitations, contracts and basic agreements for all service solicitations and contracts where sensitive Government Furnished Information (GFI) and/or access to Government Information Technology (IT) systems containing sensitive information is provided (exclusive of telecommunication circuits and or services that are acquired via the Inquiry/Quote/Order process).

SUBPART 239.74-TELECOMMUNICATIONS SERVICES

239.7411 Contract clauses.

(S-90) Use the clause at DARS 52.239-9000, Outage Credits, in solicitations, contracts and basic agreements for telecommunications services, unless the acquisition requires a more comprehensive outage credit requirement, which is included as a "special contract requirement" (Section H of the solicitation and contract).

Previous PageTop Of PageTable Of ContentsNext Page