USAID 752.204-72 Access to USAID facilities and USAID's information systems. Basic (AUG 2013)

As prescribed in (48 CFR) AIDAR 704.404(b), if the contract requires the contractor (or contractor employees) to have routine physical access to USAID-controlled facilities in the U.S. (i.e., will need an ID for regular entry to USAID space), or have logical access to USAID's information systems (i.e., access to AIDNet, Phoenix, the Global Acquisition and Assistance System (GLAAS,) etc.,) and the solicitation and contract contains (48 CFR) FAR 52.204-9(a), the contracting officer must also insert (48 CFR) AIDAR 752.204-72, Access to USAID Facilities and USAID's Information Systems. Only U.S citizen employees or consultants of a U.S.-based company may request routine physical access to USAID-controlled facilities or logical access to USAID's information systems.

Access to USAID Facilities and USAID's Information Systems (AUG 2013)

(a) A U.S. citizen or resident alien engaged in the performance of this award as an employee, consultant, or volunteer of a U.S firm may obtain access to USAID facilities or logical access to USAID's information systems only when and to the extent necessary to carry out this award and in accordance with this clause. The contractor's employees, consultants, or volunteers who are not U.S. citizen as well as employees, consultants, or volunteers of non-U.S. firms, irrespective of their citizenship, will not be granted logical access to U.S. Government information technology systems (such as Phoenix, GLAAS, etc.) and must be escorted to use U.S. Government facilities (such as office space).

(b) Before a contractor (or a contractor employee, consultant, or volunteer) or subcontractor at any tier may obtain a USAID ID (new or replacement) authorizing the individual routine access to USAID facilities in the United States, or logical access to USAID's information systems, the individual must provide two forms of identity source documents in original form to the Enrollment Office personnel when undergoing processing. One identity source document must be a valid Federal or State Government-issued picture ID. Contractors may contact the USAID Security Office to obtain the list of acceptable forms of documentation. Submission of these documents, to include documentation of security background investigations, are mandatory in order for the contractor to receive a PIV/FAC card and be granted access to any of USAID's information systems. All such individuals must physically present these two source documents for identity proofing at their enrollment.

(c) The contractor or its Facilities Security Officer must return any issued building access ID and remote authentication token to the contracting officer's representative (COR) upon termination of the individual's employment with the contractor or completion of the contract, whichever occurs first.

(d) Individuals engaged in the performance of this award as employees, consultants, or volunteers of the contractor must comply with all applicable Homeland Security Presidential Directive-12 (HSPD-12) and Personal Identity Verification (PIV) procedures, as described above, and any subsequent USAID or Government-wide HSPD-12 and PIV procedures/policies.

(e) The contractor is required to insert this clause in any subcontracts that require the subcontractor, subcontractor employee, or consultant to have routine physical access to USAID space or logical access to USAID's information systems.

[79 FR 74998, Dec. 16, 2014]

(e) The contractor is required to insert this clause in any subcontracts that require the subcontractor, subcontractor employee, or consultant to have routine physical access to USAID space or logical access to USAID's information systems.

Mandatory (Exception);
(Applies if the subcontractor will have routine physical access to USAID space or logical access to USAID's information systems.)

52.204-21 Basic Safeguarding of Covered Contractor Information Systems.

52.204-23 Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities.

252.204-7000 Disclosure of Information.

252.204-7008 Compliance with Safeguarding Covered Defense Information Controls.

252.204-7009 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting.

252.239-7000 Protection Against Compromising Emanations.

252.239-7009 Representation of Use of Cloud Computing.

252.239-7010 Cloud Computing Services.

252.239-7017 Notice of Supply Chain Risk.

252.239-7018 Supply Chain Risk.

252.245-7000 Government-Furnished Mapping, Charting, and Geodesy Property.

252.246-7007 Contractor Counterfeit Electronic Part Detection and Avoidance System.

3052.204-70 Security requirements for unclassified information technology resources.

3052.204-71 Contractor employee access.

552.239-70 Information Technology Security Plan and Security Authorization.

552.239-71 Security Requirements for Unclassified Information Technology Resources.

652.239-70 Information Technology Security Plan and Accreditation.

652.239-71 Security Requirements for Unclassified Information Technology Resources.

952.204-77 Computer security.

952.223-76 Conditional payment of fee or profit—safeguarding restricted data and other classified information and protection of worker safety and health.

Working with a set of FAR clauses from an RFP or contract?

Try pasting them into our tool to instantly generate a risk profile, including the basic flow down recommendation.

Info

Works best with Chrome and Edge browsers!