Keith Nakasone, deputy assistant commissioner for acquisition within the Office of Information Technology Category (ITC) at the General Services Administration (GSA), said GSA’s office of ITC is adding supply chain risk management and cybersecurity requirements to old and new federal contracts to ensure that vendors comply with certain requirements, FedScoop reported Tuesday.
“We’re not only going through the process, where the contractors are delivering commodities and services, but also the follow-through,” Nakasone said Tuesday during a GSA webinar. “So after they go through a self-certification process, there’s a compliance piece that we’re working on that we’ll monitor to ensure that they are following their SCRM plan.”
ITC, for instance, integrated some of the language of the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program into the 8(a) STARS III governmentwide acquisition contract (GWAC) for IT platforms to ensure the GWAC has the basic cyber requirements for CMMC Level 1 vendors.
“We’re trying to build more flexibility into our major contracts so that we will be able to move forward as innovation, emerging technologies and as regulations, policies and procedures change over time,” Nakasone said.
Featuring Brian Barnes, associate administrator for the Office of Small Business Utilization with the U.S. General Services Administration (GSA), as the keynote speaker, the event will educate and inform small to midsize GovCon professionals on the current Federal Marketplace and FY21 opportunities.
The event will also include an expert panel hosting federal and industry executives that will discuss how to navigate the GSA schedule and what industry can do to help. Join GovConWire’s virtual event to learn all about the latest topics within the federal marketplace.