The Department of Defense (DoD) issued a Notice and Request for Comment on draft guidance that DoD proposes for assessing contractors’ System Security Plans (SSPs) and their implementation of the security controls in NIST Special Publication 800-171. DFARS 252.204-7012 requires defense contractors to provide security for networks where covered defense information is processed, stored, or transmitted.
DoD issued two draft guidance documents including, “Assessing the State of a Contractor’s Information System,” and “DoD Guidance for Reviewing System Security Plans and the NIST SP 800-171 Security Requirements Not Yet Implemented.”
Read the Draft Guidance Documents – link to
https://www.natlawreview.com/article/draft-dod-guidance-ssps-and-nist-sp-800-171-impact-bid-protests-and-ongoing-contract