Implementation of Information Technology Security Requirements; GSAR Sections Affected: 511.170, 511.171

The General Services Administration (GSA) is extending an existing OMB information collection, requiring contracting officers to insert the clause at 552.239–71, Security Requirements for Unclassified Information Technology Resources, in solicitations and contracts containing the provision at 552.239–70, Information Technology Security Plan and Security Authorization. As such, the provision and clause are inserted in solicitations that include information technology products, services or systems in which the contractor will have physical or electronic access to government information that directly supports the mission of GSA. The clause requires contractors, within 30 days after contract award, to submit an IT Security Plan to the Contracting Officer and Contracting Officer’s Representative for acceptance that describes the processes and procedures that will be followed to ensure appropriate security of IT resources that are developed, processed, or used under the contract.

The latest form for Implementation of Information Technology Security Requirements; GSAR Sections Affected: 511.170, 511.171 expires 2021-01-31 and can be found here.