Common use of Information Security and other miscellaneous requirements Clause in Contracts

Information Security and other miscellaneous requirements. 12.7.1 Contractor personnel shall comply with all local security requirements including entry and exit control for personnel and property at the Government facility. 12.7.2 Contractor employees shall be required to comply with all Government security regulations and requirements. Initial and periodic safety and security training and briefings will be provided by Government security personnel. Failure to comply with Government security regulations and requirements shall require the company to provide the Government with a written remediation/corrective action plan; furthermore, failure to comply with such requirements can be cause for removal and the contractor will not be able to provide service on this Contract. 12.7.3 Contractor employees with an incident report in JPAS who have had their access to classified suspended will not be permitted to provide to fill positions requiring access to classified information on a DISA Contract/Task Order. 12.7.4 The Contractor shall not divulge any information, classified or unclassified, about DoD files, data processing activities or functions, user identifications, passwords, or any other knowledge that may be gained, to anyone who is not authorized to have access to such information. The Contractor shall observe and comply with the security provisions in effect at the DoD facility. Identification shall be worn and displayed as required. 12.7.5 DISA retains the right to request removal of Contractor personnel regardless of prior clearance or adjudication status, whose actions, while assigned to this Contract, clearly conflict with the interest of the Government. 12.7.6 Contractor personnel will generate or handle documents that contain For Official Use Only information at the Government facility. Contractor shall have access to generate and handle classified material only at the location(s) listed in the place of performance section of this document. All Contractor deliverables shall be marked in accordance with DoDM 5200.1, Vol. 3, Vol. 4, Information Security, DoD 5400.7-R, Freedom of Information Act Program, unless otherwise directed by the Government. The Contractor shall comply with the provisions of the DoD Industrial Security Manual for handling classified material and producing deliverables. The Contractor shall comply with DISA Instruction 000-000-00. 12.7.7 The Contractor shall afford the Government access to the contractor’s facilities, installations, operations, documentation, databases and personnel used in performance of the contract/order. Access shall be provided to the extent required to carry out a program of IT inspection (to include vulnerability testing), investigation and audit to safeguard against threats and hazards to the integrity, availability and confidentiality of data or to the function of information technology systems operated on behalf of DISA or DoD, and to preserve evidence of computer crime.

Information Security and other miscellaneous requirements. 12.7.1 Contractor personnel shall comply with all local security requirements including entry and exit control for personnel and property at the Government government facility. 12.7.2 . Contractor employees shall be required to comply with all Government security regulations and requirements. Initial and periodic safety and security training and briefings will be provided by Government security personnel. Failure to comply with Government security regulations and requirements shall require the company to provide the Government with a written remediation/corrective action plan; furthermore, failure to comply with such requirements can be cause for removal and the contractor Contractor will not be able to provide service on this Contract. 12.7.3 contract/order. Contractor employees with an incident report in JPAS who have had their access to classified suspended will not be permitted to provide to fill positions requiring access to classified information on a DISA Contractcontract/Task Order. 12.7.4 order. The Contractor shall not divulge any information, classified or unclassified, about DoD files, data processing activities or functions, user identifications, passwords, or any other knowledge that may be gained, to anyone who is not authorized to have access to such information. The Contractor shall observe and comply with the security provisions in effect at the DoD facility. Identification shall be worn and displayed as required. 12.7.5 . DISA retains the right to request removal of Contractor personnel regardless of prior clearance or adjudication status, whose actions, while assigned to this Contractcontract, clearly conflict with the interest of the Government. 12.7.6 . Contractor personnel will generate or handle documents that contain For Official Use Only information at the Contractor and/or Government facilityfacilities. Contractor shall have access to generate and handle classified material only at the location(s) listed in the place of performance section of this document. All Contractor deliverables shall be marked in accordance with DoDM 5200.1, Vol. 3, Vol. 4, Information Security, DoD 5400.7-R, Freedom of Information Act Program, unless otherwise directed by the Government. The Contractor shall comply with the provisions of the DoD Industrial Security Manual for handling classified material and producing deliverables. The Contractor shall comply with DISA Instruction 000-000-00. 12.7.7 . The Contractor shall afford the Government access to the contractorContractor’s facilities, installations, operations, documentation, databases and personnel used in performance of the contract/order. Access shall be provided to the extent required to carry out a program of IT inspection (to include vulnerability testing), investigation and audit to safeguard against threats and hazards to the integrity, availability and confidentiality of data or to the function of information technology systems operated on behalf of DISA or DoD, and to preserve evidence of computer crime. 13.1 Government Furnished Property (GFP)/Government-Furnished Equipment (GFE)/ Government- Furnished Information (GFI): Any GFP, GFE, and/or GFI will be determined at the task order level.

Information Security and other miscellaneous requirements. 12.7.1 11.7.1 Contractor personnel shall comply with all local security requirements including entry and exit control for personnel and property at the Government government facility. 12.7.2 11.7.2 Contractor employees shall be required to comply with all Government security regulations and requirements. Initial and periodic safety and security training and briefings will be provided by Government security personnel. Failure to comply with Government security regulations and requirements shall require the company to provide the Government with a written remediation/corrective action plan; furthermore, failure to comply with such requirements can be cause for removal of the contractor, and the contractor will not be able to provide service on this Contractcontract/order. 12.7.3 11.7.3 Contractor employees with an incident report in JPAS who have had their access to classified materials/areas suspended will not be permitted to provide to fill positions requiring access to classified information on a DISA Contractcontract/Task Orderorder. 12.7.4 11.7.4 The Contractor contractor shall not divulge any information, classified or unclassified, about DoD files, data processing activities or functions, user identifications, passwords, or any other knowledge that may be gained, to anyone who is not authorized to have access to such information. The Contractor contractor shall observe and comply with the security provisions in effect at the DoD facility. Identification badges shall be worn and displayed as required. 12.7.5 11.7.5 DISA retains the right to request removal of Contractor contractor personnel regardless of prior clearance or adjudication status, whose actions, while assigned to this Contractcontract, clearly conflict with the interest of the Government. 12.7.6 11.7.6 Contractor personnel will generate or handle documents that contain For Official Use Only FOUO information at the Government contractor facility. Contractor shall have access to personnel will generate or handle documents that contain PROPRIETARY, ACQUISITION SENSITIVE, or similarly designated information at the contractor facility. Contractor personnel will access, generate, and handle classified material up to the SECRET level only at the location(s) listed in the place of performance section of this document. All Contractor contractor deliverables shall be marked in accordance with DoDM 5200.1, Vol. 3, Vol. 4, Information Security, DoD 5400.7-R, Freedom of Information Act (FOIA) Program, unless otherwise directed by the Government. The Contractor contractor shall comply with the provisions of the DoD Industrial Security Manual for handling classified material and producing deliverables. Industrial 11.7.7 The Contractor shall comply with DISA Instruction 000-000-00. 12.7.7 The Contractor contractor shall afford the Government access to the contractor’s facilities, installations, operations, documentation, databases and personnel used in performance of the contract/order. Access shall be provided to the extent required to carry out a program of IT inspection (to include vulnerability testing), investigation and audit to safeguard against threats and hazards to the integrity, availability and confidentiality of data or to the function of information technology IT systems operated on behalf of DISA or DoD, and to preserve evidence of computer crime.

Information Security and other miscellaneous requirements. 12.7.1 11.7.1 Contractor personnel shall comply with all local security requirements including entry and exit control for personnel and property at the Government government facility. 12.7.2 11.7.2 Contractor employees shall be required to comply with all Government security regulations and requirements. Initial and periodic safety and security training and briefings will be provided by Government security personnel. Failure to comply with Government security regulations and requirements shall require the company to provide the Government with a written remediation/corrective action plan; furthermore, failure to comply with such requirements can be cause for removal of the contractor, and the contractor will not be able to provide service on this Contractcontract/order. 12.7.3 11.7.3 Contractor employees with an incident report in JPAS who have had their access to classified materials/areas suspended will not be permitted to provide to fill positions requiring access to classified information on a DISA Contractcontract/Task Orderorder. 12.7.4 11.7.4 The Contractor contractor shall not divulge any information, classified or unclassified, about DoD files, data processing activities or functions, user identifications, passwords, or any other knowledge that may be gained, to anyone who is not authorized to have access to such information. The Contractor contractor shall observe and comply with the security provisions in effect at the DoD facility. Identification badges shall be worn and displayed as required. 12.7.5 11.7.5 DISA retains the right to request removal of Contractor contractor personnel regardless of prior clearance or adjudication status, whose actions, while assigned to this Contractcontract, clearly conflict with the interest of the Government. 12.7.6 11.7.6 Contractor personnel will generate or handle documents that contain For Official Use Only FOUO information at the Government contractor facility. Contractor shall have access to personnel will generate or handle documents that contain PROPRIETARY, ACQUISITION SENSITIVE, or similarly designated information at the contractor facility. Contractor personnel will access, generate, and handle classified material up to the SECRET level only at the location(s) listed in the place of performance section of this document. All Contractor contractor deliverables shall be marked in accordance with DoDM 5200.1, Vol. 3, Vol. 4, Information Security, DoD 5400.7-R, Freedom of Information Act (FOIA) Program, unless otherwise directed by the Government. unless 11.7.7 The Contractor shall comply with the provisions of the DoD Industrial Security Manual for handling classified material and producing deliverables. The Contractor shall comply with DISA Instruction 000-000-00. 12.7.7 The Contractor contractor shall afford the Government access to the contractor’s facilities, installations, operations, documentation, databases and personnel used in performance of the contract/order. Access shall be provided to the extent required to carry out a program of IT inspection (to include vulnerability testing), investigation and audit to safeguard against threats and hazards to the integrity, availability and confidentiality of data or to the function of information technology IT systems operated on behalf of DISA or DoD, and to preserve evidence of computer crime.