Skip to main content
HTML

CAR

Part Number: 1339

Commerce Acquisition Regulations

PART 1339 - ACQUISITION OF INFORMATION TECHNOLOGY

Authority: 41 U.S.C. 414; 48 CFR 1.301-1.304.

Source: 75 FR 10570, Mar. 8, 2010, unless otherwise noted.

      Subpart 1339.1 - General

           1339.107 Contract clauses.

           1339.107-70 Information security.

      Subpart 1339.2 - Electronic and Information Technology

           1339.270 Solicitation provisions and contract clauses.

Subpart 1339.1 - General

1339.107 Contract clauses.

Insert clause 1352.239-70, Software License Addendum, in all contracts when the primary purpose is to purchase new software licenses or renew existing licenses.

1339.107-70 Information security.

(a) For all service acquisitions over the micro-purchase threshold, contracting professionals shall coordinate with the designated Contracting Officer Representative (COR) to complete the Information Security in Acquisition Checklist.

(b) When the Information Security in Acquisition Checklist indicates that Clause 1352.239-73, Security Requirements for Information Technology Resources, is needed, contracting officers shall insert the clause in the solicitation and contracts. If the checklist indicates that the Certification and Accreditation requirement in Clause 1352.239-73 is not required, the contracting officer shall include the statement “The Certification and Accreditation (C&A) requirements of Clause 1352.239-73 do not apply, and a Security Accreditation Package is not required” in the statement of work.

(c) Contracting professionals shall insert the appropriate risk designation clause from CAM 1337.70 into DOC solicitations and contracts for services depending upon the level of contractor access privileges to DOC IT systems. In addition, contracting professionals shall document the official contract file to include the rationale for the designated risk level.

Subpart 1339.2 - Electronic and Information Technology

1339.270 Solicitation provisions and contract clauses.

(a) Insert provision substantially similar to 1352.239-71, Electronic and Information Technology, in solicitations for Electronic and Information (EIT) to which it applies.

(b) Insert clause 1352.239-72, Security Requirements for Information Technology Resources, in all DOC solicitations and contracts for Information Technology services. The clause language may only be modified by adding more restrictive agency- or operating unit counsel -specific guidance