DFARS (Defense Federal Acquisition Regulation Supplement) is a set of basic security controls for contractor information systems upon which all Department of Defense (DoD) contractors that process, store or transmit Controlled Unclassified Information (CUI) must meet. The security controls associated with DFARS must be implemented at the contractor and subcontractor levels. These security controls are based on the information security guidance detailed in NIST Special Publication 800-171, “Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations.” DFARS is an agency supplement of Federal Acquisition Regulation (FAR), the principal set of rules in the Federal Acquisition Regulations System regarding government procurement in the United States.
More information on DFARS Compliance
Visit our blog post about how Rsam helped a defense contractor reach their DFARS Compliance NIST 800-171 goals.