DFARS 252.239-7017 Notice of Supply Chain Risk. Basic (Nov 2013)
As prescribed in 239.7306(a), insert the provision at 252.239-7017, Notice of Supply Chain Risk, in all solicitations, including solicitations using FAR part 12 procedures for the acquisition of commercial items, for information technology, whether acquired as a service or as a supply, that is a covered system, is a part of a covered system, or is in support of a covered system, as defined at 239.7301.
NOTICE OF SUPPLY CHAIN RISK (NOV 2013)
(a) Definitions. “Supply chain risk,” as used in this provision, means the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a national security system (as that term is defined at 44 U.S.C. 3542(b)) so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.
(b) In order to manage supply chain risk, the Government may use the authorities provided by section 806 of Pub. L. 111-383. In exercising these authorities, the Government may consider information, public and non-public, including all-source intelligence, relating to an offeror and its supply chain.
(c) If the Government exercises the authority provided in section 806 of Pub. L. 111-383 to limit disclosure of information, no action undertaken by the Government under such authority shall be subject to review in a bid protest before the Government Accountability Office or in any Federal court.
(End of provision)
Subcontractor ✖Contracts ✖ DFARS 212.301IT ✔ (Applies to information technology, whether acquired as a service or as a supply, that is a covered system, is a part of a covered system, or is in support of a covered system, as defined at 239.7301.);
Working with a set of FAR clauses from an RFP or contract?
Try pasting them into our tool to instantly generate a risk profile, including the basic flow down recommendation.