Anyone who has been closely following the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program knows the effort has experienced a fair number of complications and delays. ForContinue Reading Updated Timeline for CMMC Implementation
Updated as of May 24, 2022
The United States is engaging in a new form of warfare. Russia invaded Ukraine just over two months ago and, rather than join the fight directly by sending troops to defend Ukraine, the United States is fighting indirectly by engaging in unprecedented financial warfare against the Russian Federation. The initial export and sanctions actions were swift and severe – but somewhat expected. As the invasion persists, the U.S. Federal Government and individual States also have begun to leverage procurement policy to amplify the financial harm to Russia. This Guide will try to help make sense of the current efforts targeting Russia, the potential impact to government contractors, and proactive steps to mitigate risk.…
On April 18, 2022, the Biden Administration (through the Office of Management and Budget (“OMB”)) issued OMB Memorandum M-22-11 (the “Guidance”) relating to the “Buy America” sourcing requirements under the “Build America, Buy America” portion of the Infrastructure Investment and Jobs Act (“IIJA”), Pub. L. No. 117-58, §§ 70901-70953. The Act aimed to strengthen Made in America Laws in accordance with President Biden’s Executive Order 14005, “Ensuring the Future is Made in America by All of America’s Workers” (discussed previously here). In addition to tasking the Federal Acquisition Regulatory Council with amending FAR regulations for the Buy American Act (“BAA”), Congress also imposed new “Buy America” requirements on federal infrastructure programs.
Continue Reading “Build America, Buy America” – New Guidelines Issued for U.S. Infrastructure Projects
Over a year after the Biden Administration issued Executive Order 14005 on “Ensuring the Future is Made in America by All of America’s Workers,” (discussed previously here) the Federal Acquisition Regulatory Council (“FAR Council”) has published a Final Rule (87 Fed. Reg. 12780) implementing changes to the Buy American Act (“BAA”) regulations at FAR Subpart 25.1 and 25.2. These new rules require (eventually) for federal agencies to procure end items manufactured in the United States that are at least 75% domestic content – a drastic increase from the current 55% domestic content requirement. Surprised? You shouldn’t be. We’ve been expecting this rule for a while now. What is a surprise is the effective date – October 25, 2022. The FAR Council wants to give companies a little time for the new rule to sink in and for companies to assess their supply chains to ensure that they can comply with the new thresholds. Companies are well advised to take advantage of this “transition period” between now and October 2022 to get their ducks in a row.
Continue Reading Few Surprises – New Rule Implementing Biden’s “Made in America” Changes the Buy American Act Effective October 2022
Change is in the air for the Buy American Act (“BAA”). On July 30, 2021, the Federal Acquisition Regulatory Council published a proposed rule to the Federal Acquisition Regulation (“FAR”) to implement President Biden’s Executive Order 14005, on “Ensuring the Future is Made in America by All of America’s Workers,” which seeks to further strengthen U.S. Buy American laws and further encourage domestic procurement (previously discussed here). A public meeting to discuss the proposed rule is scheduled for August 26, 2021, and comments will be due September 28, 2021. This blog article summarizes the new BAA proposed rule, offering a primer in advance of the public meeting next week and the public comment deadline next month. Yes, folks – change is in the air. Fasten your seatbelts; we may encounter some turbulence ahead.
Continue Reading Fasten Your Seatbelts – Proposed Rule Implementing Biden’s “Buy American” Mandates
The National Institute of Standards and Technology (“NIST”) is seeking comments on its draft NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on April 29, 2021. The public comment period currently is open and concludes on June 14, 2021. NIST anticipates releasing a second draft in September 2021, with a final version anticipated to be released by April 2022.
Continue Reading Seeking HoNIST Opinions – NIST Invites Comments on Major Revision to Cyber Supply Chain Risk Management Practices for Systems and Organizations (SP 800-161) and Provides Further Software Supply Chain Guidance
On January 7, 2020, the National Aeronautics and Space Administration (“NASA”) published a proposed rule seeking to amend the NASA Federal Regulation Supplement regarding counterfeit electronic parts. The proposed rule…
Continue Reading Let the Seller Beware – NASA’s Proposed Rule Seeks to Limit the Presence of Counterfeit Electronic Parts