November 16, 2015

WASHINGTON – Five leading groups representing federal contractors have asked the Department of Defense (DOD) to suspend implementing a rushed network penetration and cloud computing services rule, that went into effect without public comment, until substantial concerns and confusion have been addressed. The request was made in comments submitted late last week to the DOD by members of the Council of Defense and Space Industry Associations (CODSIA), including the American Council of Engineering Companies (ACEC), Information Technology Alliance for Public Sector (ITAPS, a division of ITI), Professional Services Council (PSC), and U.S. Chamber of Commerce.

In the comments regarding the Defense Federal Acquisition Regulations (DFARS) Case 2013-D018, Network Penetration Reporting and Contracting for Cloud Services, the groups contend contractors are scrambling to understand the regulation, and its far-reaching impacts, on how a company or supplier protects its networks and data. Cloud computing services providers and contractors who utilize cloud computing capabilities are seeking greater clarity from the DOD regarding the provision and the use of cloud computing in the defense industrial base. DOD cloud computing providers also want to understand how they are expected to support chain of custody requirements with their suppliers and subcontractors under the interim rule.

The CODISA group has requested that DOD suspend implementing the rule and host a public meeting or some other type of public discourse mechanism (akin to the GSA Interact portal) to respond to questions and concerns. The groups also recommend DOD consider establishing a two-year transition period for implementing the rule for contracts entered into before January 2016.

# # #

Public Policy Tags: ITAPS