USAID 752.239-70 Information Technology Authorization. Basic (May 2024) (Current)

As prescribed in AIDAR 739.106(b), Contracting officers must insert the clause at 752.239–70, Information Technology Authorization, in all

solicitations and contracts.

Information Technology Authorization. (MAY 2024)

(a) Definitions. As used in this contract:

Information Technology means

    (1) Any services or equipment, or interconnected system(s) or subsystem(s) of equipment, that are used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the agency; where

    (2) such services or equipment are "used by an agency" if used by the agency directly or if used by a contractor under a contract with the agency that requires either use of the services or equipment or requires use of the services or equipment to a significant extent in the performance of a service or the furnishing of a product.

    (3) The term "information technology" includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including provisioned services such as cloud computing and support services that support any point of the lifecycle of the equipment or service), and related resources.

    (4) The term "information technology" does not include any equipment that is acquired by a contractor incidental to a contract that does not require use of the equipment.

(b) Approval Requirements. The Federal Information Technology Acquisition Reform Act (FITARA) requires Agency Chief Information Officer (CIO) review and approval of acquisitions of information technology and information technology services. Any information technology specified in the Schedule of this contract has already been approved by the CIO. The Contractor must not acquire any additional information technology without the prior written approval of the Contracting Officer as specified in this clause.

(c) Request for Approval Procedure.

    (1) If the Contractor determines that any information technology not specified in the Schedule will be necessary in the performance of the contract, the Contractor must request prior written approval from the Contracting Officer, including the Contracting Officer's Representative and the Office of the CIO (ITAuthorization@usaid.gov) on the request.

    (2) In the request, the Contractor must provide an itemized description of the information technology to be procured. For equipment (including hardware and software), the Contractor must include any applicable brand names, model/version numbers, quantities, and estimated unit and total cost information. For services, the Contractor must provide a detailed description of the services, name(s) of the service provider(s), and estimated cost information.

    (3) The Contracting Officer will approve or deny in writing the Contractor's request. If granted, the Contracting Officer will specify in writing the information technology approved by the CIO for purchase.

(d) Subcontracts. The Contractor must insert the substance of this clause, including this paragraph (d), in all subcontracts. The Contractor is responsible for requesting any approval required under paragraphs (b) and (c) of this clause for any applicable subcontractor information technology acquisition.

(End of clause)

 

Prime’s obligation;
IT ✔ 

52.204-21 Basic Safeguarding of Covered Contractor Information Systems.

52.204-23 Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab Covered Entities.

52.204-28 Federal Acquisition Supply Chain Security Act Orders-Federal Supply Schedules, Governmentwide Acquisition Contracts, and Multi-Agency Contracts.

52.204-29 Federal Acquisition Supply Chain Security Act Orders-Representation and Disclosures.

52.204-30 Federal Acquisition Supply Chain Security Act Orders-Prohibition.

52.204-27 Prohibition on a ByteDance Covered Application.

252.204-7016 Covered Defense Telecommunications Equipment or Services-Representation.

252.204-7017 Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services—Representation.

252.204-7018 Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services.

252.204-7019 Notice of NIST SP 800-171 DoD Assessment Requirements.

252.204-7020 NIST SP 800-171 DoD Assessment Requirements.

252.204-7021 Contractor Compliance with the Cybersecurity Maturity Model Certification Level Requirement.

252.204-7000 Disclosure of Information.

252.204-7008 Compliance with Safeguarding Covered Defense Information Controls.

252.204-7009 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting.

252.239-7000 Protection Against Compromising Emanations.

252.239-7009 Representation of Use of Cloud Computing.

252.239-7010 Cloud Computing Services.

252.239-7017 Notice of Supply Chain Risk.

252.239-7018 Supply Chain Risk.

252.245-7000 Government-Furnished Mapping, Charting, and Geodesy Property.

252.246-7007 Contractor Counterfeit Electronic Part Detection and Avoidance System.

1852.246-74 Contractor Counterfeit Electronic Part Detection and Avoidance

3052.204-72 Safeguarding of Controlled Unclassified Information.

3052.204-73 Notification and Credit Monitoring Requirements for Personally Identifiable Information Incidents.

3052.204-71 Contractor employee access.

552.204-9 Personal Identity Verification Requirements.

552.239-70 Information Technology Security Plan and Security Authorization.

552.239-71 Security Requirements for Unclassified Information Technology Resources.

552.238-110 Commercial Satellite Communication (COMSATCOM) Services.

652.239-70 Information Technology Security Plan and Accreditation.

652.239-71 Security Requirements for Unclassified Information Technology Resources.

752.204-72 Access to USAID facilities and USAID's information systems.

752.239-72 USAID-Financed Project Websites.

752.227-71 Planning, Collection, and Submission of Digital Information to USAID.

970.5203-1 Management controls.

970.5204-1 Counterintelligence.

970.5204-3 Access to and ownership of records.

952.204-77 Computer security.

952.223-76 Conditional payment of fee or profit-safeguarding restricted data and other classified information and protection of worker safety and health.

Working with a set of FAR clauses from an RFP or contract?

Try pasting them into our tool to instantly generate a risk profile, including the basic flow down recommendation.

Info

Works best with Chrome and Edge browsers!