Interim final rule establishes protocols for FASC

The U.S. Federal Acquisition Security Council (FASC) issued an interim final rule[1] implementing aspects of the Federal Acquisition Supply Chain Security Act of 2018 (FASCSA) and establishing the laws governing how the council will share information on supply chain risks and how it will recommend exclusion and removal orders. The interim final rule was published Sept. 1, and the open commenting period extends until Nov. 2.

The FASCSA was signed into law Dec. 21, 2018,[2] and established the FASC, an interagency council that is chaired by a senior-level official from the Office of Management and Budget and includes representatives from the Department of Homeland Security, the Office of the Director of National Intelligence, the Department of Justice, the Department of Defense and the Department of Commerce.

The FASCSA and FASC together are a major pillar[3] of the United States federal government’s drive to secure information and technology supply chains and create a government-wide information sharing process on supply chain risks. The drive to do this focuses primarily on the information technology (IT) industry and IT-related supply chains—through cybersecurity efforts such as the Cybersecurity Maturity Model Certification[4] and various efforts[5] to freeze out Chinese tech companies that are allegedly engaged in cyberespionage.

This document is only available to subscribers. Please log in or purchase access.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field