FAR Part 39 Flashcards
Acquisition of Information Technology
Part 39
Acquisition of Information Technology
Part 39 Acquisition of Information Technology
Overview of FAR Part 39 - Acquisition of Information Technology
Purpose: Establishes policies and procedures for acquiring
information technology (IT) (FAR 39.000).
Key Sections:
- 39.1 General
- 39.2 Electronic and Information Technology
Part 39 Acquisition of Information Technology
Subpart 39.1 - General
Purpose: Provides general policies for IT acquisition (FAR 39.101).
Key Features:
Emphasizes the importance of strategic planning and management in IT
acquisitions (FAR 39.102).
Requires adherence to federal IT standards and guidelines (FAR 39.103).
Part 39 Acquisition of Information Technology
Subpart 39.1 - IT Strategic Planning and Management
Purpose: Highlights the importance of strategic planning and
management in IT acquisitions (FAR 39.102).
Key Features:
Ensures that IT investments are aligned with agency goals and objectives (FAR
39.102(a)).
Promotes the use of enterprise architecture to guide IT acquisitions (FAR 39.102(b)).
Part 39 Acquisition of Information Technology
Subpart 39.2 - Electronic and Information Technology
Purpose: Addresses the acquisition of electronic and information
technology (EIT) with a focus on accessibility (FAR 39.201).
Key Features:
Requirements for ensuring EIT accessibility for individuals with disabilities (FAR
39.202).
Guidelines for incorporating accessibility standards into IT acquisitions (FAR 39.203).
Part 39 Acquisition of Information Technology
Subpart 39.2 - Incorporating Accessibility into IT Acquisitions
Purpose: Provides guidelines for incorporating accessibility standards
into IT acquisitions (FAR 39.203).
Key Features:
Mandates compliance with accessibility standards to ensure EIT solutions are
usable by individuals with disabilities (FAR 39.203(a)).
Requires agencies to evaluate and test EIT solutions for accessibility (FAR 39.203(b)).
What Is Information Technology?
Information technology (IT)
The hardware and software operated by a federal agency, a contractor of a federal agency, or other organization that processes information on behalf of the federal government to accomplish a federal function, regardless of the technology involved, whether computers, telecommunications, or others
Any equipment or interconnected system or subsystem of equipment that is used
ni the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency
Includes computers, ancillary equipment, software, firmware, services, and related resources
Preparing an Acquisition Plan for InformationTechnology
Agency requirements shall be identified considering:
- OMB Circular A-130
- Security of resources
- Protection of privacy
National security
Emergency preparedness
Accommodation of disabilities - Energy efficiency
NOTE: Contracting officers shall
not procure or obtain, extend or renew a contract or enter into a
contract for any equipment,
system, or service that uses covered telecommunications
equipment or services as defined in FAR 4.101.
National security system
Any telecommunications or information system operated by the United States government, the function, operation, or use of which
- Involves intelligence activities
- Involves cryptologic activities related to national security * Involves command and control of military forces
- Involves equipment that is an integral part of a weapon or weapons system; or * Is critical to the direct fulfillment of military or intelligence missions
FAR Part 39 does not apply to acquisition of TI for national security systems
Preparing an Acquisition Plan for InformationTechnology
Agency requirements shall be identified considering:
- EPEAT® standards
- Electronic Product Environmental Assessment Tool
- Policies for energy efficiency in electronic products * Examples: power management, double-sided printing
- Energy-efficient management of servers and data centers
Preparing an Acquisition Plan for InformationTechnology
Agency requirements shall be identified considering:
Rapid c h a n g e s in information technology
- Use of market research
- Use of technology refreshment techniques
Preparing an Acquisition Plan for InformationTechnology
Reasonable risk, including
- Schedule risk
- Risk of technical obsolescence
- Cost risk
- Risk implicit in contract type
- Technical feasibility
- Dependencies on or of other systems
- Number of simultaneous projects
- Availability of funding
- Program management risk
Modular contracting
The use of one or more contracts to acquire information technology systems ni successive, interoperable increments
Intended to:
* Reduce program risk
* Incentivize contractor performance
* Meet the government’s need for timely access to
rapidly changing technology
Should be used to acquire information technology to the maximum extent practicable
Establishing Minimum Experience and Education Requirements
Solicitations for information technology services must not describe any minimum
experience or educational requirements, unless the agency needs:
* Cannot be met without that requirement, or
* Would require the use of other than performance-based acquisition.
Information Technology Laws
Privacy Act of 1974
Privacy Act of 1974
No agency shall disclose any record which is contained in a system
of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains
Information Technology Laws
Federal Records Act of 1950
Defines federal records, mandated the creation and preservation of
those records necessary ot document federal activities, establishes government ownership of records, and provides the exclusive legal
Ref.: FAR 39.105
CFCM ONLINE PREPARATORY COURSE
NCMA
procedures for the disposition of records
Information Technology Laws
Freedom of Information Act
Freedomo fInformationAct
Allows for the full or partial disclosure of previously unreleased
information and documents controlled by the government; defines agency records subject to disclosure, and outlines mandatory disclosure procedures and exemptions
Information Technology Laws
Agencies shall ensure that contracts for information technology address privacy protection by containing:
Rules of conduct for the contractor and its employees
A list of anticipated threats and hazards
Specific safeguards that the contractor must provide
Requirements for a program of government inspection of
safeguards against threats and hazards, to be done during contract performance
Access for People with Disabilities
Section 5 0 8 Accessibility Program
https://www.section508.gov/
Agencies must ensure that federal employees with disabilities have access to and use of information and data, and
Members of the public with disabilities seeking information or services from an agency have access to and use of information and data
MODULAR CONTRACTING
is the use of one or more contracts to acquire information technology systems in successive, interoperable increments.
NATIONAL SECURITY SYSTEM means
means any telecommunications or information system operated by the U.S. government, the function, operation, or use of which involves intelligence activities; cryptologic activities related to national defense, command, and control of military forces; equipment that is an integral part of a weapon system; or is critical to the direct fulfillment of military or intelligence missions.
Agencies shall ensure that contracts for information technology address protection of privacy in accordance with the Privacy Act.
Prior to entering a contract for information technology, an agency should
analyze risks, benefits, and costs. Reasonable risk-taking is appropriate if risks are controlled and mitigated.
Types of risk may include schedule risk, risk of technical obsolescence, cost risk, risk implicit in a particular contract type, technical feasibility, dependencies between a new project and other projects or systems, the number of simultaneous high-risk projects to be monitored, funding availability, and program management risk.
Appropriate techniques should be applied to manage and mitigate risk during the acquisition of information technology.
Modular contracting is intended to
reduce program risk and to incentivize contractor performance while meeting the government’s need for timely access to rapidly changing technology.
Consistent with the agency’s information technology architecture, agencies should, to the maximum extent practicable, use modular contracting to acquire major systems of information technology.
Agencies may also use modular contracting to acquire nonmajor systems of information technology.
The characteristics of an increment used in modular contracting may vary depending upon the type of information technology being acquired and the nature of the system being developed.
To promote compatibility, the information technology acquired through modular contracting for each increment should
comply with common or commercially acceptable information technology standards when available and appropriate and shall conform to the agency’s master information technology architecture.
Additionally, the performance requirements of each increment should be consistent with the performance requirements of the completed, overall system within which the information technology will function and should address interface requirements with succeeding increments.
For each increment, contracting officers shall choose an appropriate contracting technique that facilitates the acquisition of subsequent increments. Contracts shall be structured to ensure that the government is not required to procure additional increments.
