100 likes | 189 Views
FAR Part 39 – Acquisition of Information Technology. FAR Study Group 15 Jan 2013. Definition – Information Technology.
E N D
FAR Part 39 – Acquisition of Information Technology FAR Study Group 15 Jan 2013
Definition – Information Technology • “Information technology” (IT) means any equipment, or interconnected system(s) or subsystem(s) of equipment, that is used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the agency. IT includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including support services), and related resources. It does NOT include any equipment that-- (i) Is acquired by a contractor incidental to a contract; or (ii) Contains imbedded information technology that is used as an integral part of the product, but the principal function of which is not the acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. For example, HVAC (heating, ventilation, and air conditioning) equipment such as thermostats or temperature control devices, and medical equipment where information technology is integral to its operation, is not information technology.
Definitions • Modular Contracting – use of one or more contracts to acquire IT systems in successive, interoperable increments • National Security System – any telecom or information system operated by the US government, the function, operation, or use of which involves intelligence, or cryptologic activities, command/control of military forces, equipment that is an integral part of a weapons system, or is critical to the direct fulfillment of military or intelligence missions. • Y2K – Year 2000 compliance means the software correctly processes dates prior to and following the year 2000
FAR 39.1 General • Agencies may not acquire any IT that is not Y2K compliant • IT Requirements Definition: Use OMB Circular A-130, Electronic Product Environmental Assessment (EPEAT) standards, and consider the rapidly-changing nature of IT • Follow OMB Circular A-127, Financial Management Systems to acquire such systems
FAR 39.1 General • Include appropriate IT security policies, including those of the National Institute of Standards & Technology (NIST) • Analyze risks, benefits and costs prior to entering IT contracts. • Clinger-Cohen Act of 1996 requires use of modular contracting when acquiring major IT systems – to reduce program risk and incentivize contractor performance
FAR 39.103 Modular Contracting • Modular Contracting advantages: • Acquisition is divided into smaller increments • Easier to manage, increases likelihood of obtaining workable systems • Provides opportunity for subsequent increments to take advantage of technology evolutions • Reduces program risk by isolating & avoiding custom-designed components of the system
FAR 39.103 Modular Contracting • Consider the following factors: • Use common or commercially-available standards to promote compatibility • Performance requirements of each increment should be consistent with the performance of the completed overall system • Use appropriate contracting techniques (contract type and method, multiple awards, options, etc.) • Award contract within 180 days of solicitation issue date to maximum extent
FAR 39.104 &39.105 • IT Services contracts should be performance-based • IT contracts shall address the protection of privacy (Privacy Act), with specific requirements for IT services that require the contractor to design/develop/operate a “system of records”
FAR 39.2 Electronic & Information Technology (EIT) • Implements Section 508 of the Rehabilitation Act of 1973 • Agencies acquiring EIT must ensure that federal employees and members of the public seeking information who have disabilities have access comparable to those without disabilities. • Acquisition of EIT supplies/services must meet the applicable accessibility standards
FAR 39.2 Electronic Information Technology (EIT) • If the agency justifies it has an “undue burden” then an exception determination may be executed to be able to include supplies or services that are non-compliant with Section 508 – these are rare. • Accessibility requirements at FAR 39.203 do not apply to EIT that: • Is purchased as a micro-purchase, is for a national security system, is acquired by a contractor incidental to a contract, is in the “back-office,” or that would impose an “undue burden” on the agency (requires “undue burden” determination unless acquiring commercial items)