552.204-9 / Basic

GSA 552.204-9 Personal Identity Verification Requirements. Basic (Jul 2020) (Current)

As prescribed in 504.1303, insert the clause at 552.204-9, Personal Identity Verification Requirements, in solicitations and contracts when it is determined that contractor employees will require access to federally controlled facilities or information systems to perform contract requirements.

Personal Identity Verification Requirements (Jul 2020)

      (a)  The Contractor shall comply with GSA personal identity verification requirements, available at https://www.gsa.gov/hspd12, if Contractor employees require access to GSA controlled facilities or information systems to perform contract requirements.

      (b)  The Contractor shall insert this clause in all subcontracts when the subcontractor is required to have access to a GSA-controlled facility or access to a GSA-controlled information system.

     (End of clause)
 

The Contractor shall insert this clause in all subcontracts when the subcontractor is required to have access to a GSA-controlled facility or access to a GSA-controlled information system.

Mandatory (Exception);
(Applies when the subcontractor is required to have access to a GSA-controlled facility or access to a GSA-controlled information system.)

52.204-21 Basic Safeguarding of Covered Contractor Information Systems.

52.204-23 Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities.

252.204-7000 Disclosure of Information.

252.204-7008 Compliance with Safeguarding Covered Defense Information Controls.

252.204-7009 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting.

252.239-7000 Protection Against Compromising Emanations.

252.239-7009 Representation of Use of Cloud Computing.

252.239-7010 Cloud Computing Services.

252.239-7017 Notice of Supply Chain Risk.

252.239-7018 Supply Chain Risk.

252.245-7000 Government-Furnished Mapping, Charting, and Geodesy Property.

252.246-7007 Contractor Counterfeit Electronic Part Detection and Avoidance System.

252.204-7016 Covered Defense Telecommunications Equipment or Services-Representation.

252.204-7017 Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services—Representation.

252.204-7018 Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services

252.204-7019 Notice of NIST SP 800-171 DoD Assessment Requirements.

252.204-7020 NIST SP 800-171 DoD Assessment Requirements.

252.204-7021 Contractor Compliance with the Cybersecurity Maturity Model Certification Level Requirement.

1852.246-74 Contractor Counterfeit Electronic Part Detection and Avoidance

3052.204-70 Security requirements for unclassified information technology resources.

3052.204-71 Contractor employee access.

552.239-70 Information Technology Security Plan and Security Authorization.

552.239-71 Security Requirements for Unclassified Information Technology Resources.

552.238-110 Commercial Satellite Communication (COMSATCOM) Services.

652.239-70 Information Technology Security Plan and Accreditation.

652.239-71 Security Requirements for Unclassified Information Technology Resources.

752.204-72 Access to USAID facilities and USAID's information systems.

952.204-77 Computer security.

952.223-76 Conditional payment of fee or profit-safeguarding restricted data and other classified information and protection of worker safety and health.

970.5203-1 Management controls.

970.5204-1 Counterintelligence.

970.5204-3 Access to and ownership of records.

Working with a set of FAR clauses from an RFP or contract?

Try pasting them into our tool to instantly generate a risk profile, including the basic flow down recommendation.

Run a free analysis now!

Info

Works best with Chrome and Edge browsers!