CAR PART 1339—ACQUISITION OF INFORMATION TECHNOLOGY

• Subpart 1339.1—General
• 1339.107 Contract clauses.
• 1339.107-70 Information security.
• Subpart 1339.2—Electronic and Information Technology
• 1339.270 Solicitation provisions and contract clauses.

PART 1339—ACQUISITION OF INFORMATION TECHNOLOGY

Section Contents

Subpart 1339.1—General

  1339.107 Contract clauses.  1339.107-70 Information security.

Subpart 1339.2—Electronic and Information Technology

  1339.270 Solicitation provisions and contract clauses.

Authority: 41 U.S.C. 414; 48 CFR 1.301–1.304.

Source: 75 FR 10570, Mar. 8, 2010, unless otherwise noted.

Subpart 1339.1—General

1339.107 Contract clauses.

Insert clause

1352.239–70, Software License Addendum, in all contracts when the primary purpose is to purchase new software licenses or renew existing licenses.

1339.107-70 Information security.

(a) For all service acquisitions over the micro-purchase threshold, contracting professionals shall coordinate with the designated Contracting Officer Representative (COR) to complete the Information Security in Acquisition Checklist.

(b) When the Information Security in Acquisition Checklist indicates that Clause

1352.239–73, Security Requirements for Information Technology Resources, is needed, contracting officers shall insert the clause in the solicitation and contracts. If the checklist indicates that the Certification and Accreditation requirement in Clause

1352.239–73 is not required, the contracting officer shall include the statement “ The Certification and Accreditation (C&A) requirements of Clause

1352.239–73 do not apply, and a Security Accreditation Package is not required” in the statement of work.

(c) Contracting professionals shall insert the appropriate risk designation clause from CAM 1337.70 into DOC solicitations and contracts for services depending upon the level of contractor access privileges to DOC IT systems. In addition, contracting professionals shall document the official contract file to include the rationale for the designated risk level.

Subpart 1339.2—Electronic and Information Technology

1339.270 Solicitation provisions and contract clauses.

(a) Insert provision substantially similar to

1352.239–71, Electronic and Information Technology, in solicitations for Electronic and Information (EIT) to which it applies.

(b) Insert clause

1352.239–72, Security Requirements for Information Technology Resources, in all DOC solicitations and contracts for Information Technology services. The clause language may only be modified by adding more restrictive agency- or operating unit counsel -specific guidance.