View Rule

View EO 12866 Meetings Printer-Friendly Version     Download RIN Data in XML
FAR RIN: 9000-AO35 Publication ID: Spring 2025 
Title: Federal Acquisition Regulation (FAR); FAR Case 2021-019, Standardizing Cybersecurity Requirements for Unclassified Information Systems 
Abstract:

This rule will ensure Federal information systems are better positioned to protect from cybersecurity threats by standardizing common cybersecurity contractual requirements across agencies for unclassified Federal information systems. This rule is being issued to implement Department of Homeland Security recommendations in accordance with sections 2(i) and 8(b) of the Executive Order 14028 titled "Improving the Nation’s Cybersecurity.” 

 

 
Agency: DOD/GSA/NASA (FAR)(FAR)  Priority: Other Significant 
RIN Status: Previously published in the Unified Agenda Agenda Stage of Rulemaking: Final Rule Stage 
Major: No  Unfunded Mandates: No 
EO 14192 Designation: Not subject to, not significant 
CFR Citation: 48 CFR 1    48 CFR 2    48 CFR 4    48 CFR 7    48 CFR 10    48 CFR 11    48 CFR 12    48 CFR 37    48 CFR 39    48 CFR 52   
Legal Authority: 40 U.S.C. 121(c)    10 U.S.C. ch. 4    10 U.S.C. ch. 137 legacy provisions    10 U.S.C. 3016    51 U.S.C. 20113   
Legal Deadline:  None
Timetable:
Action Date FR Cite
NPRM  10/03/2023  88 FR 68402   
NPRM Comment Period Extended  11/01/2023  88 FR 74970   
NPRM Comment Period End  12/04/2023 
NPRM Comment Period Extension End  02/02/2024 
Final Rule  11/00/2025 
Regulatory Flexibility Analysis Required: No  Government Levels Affected: Federal 
Small Entities Affected: Businesses  Federalism: No 
Included in the Regulatory Plan: No 
RIN Information URL: www.regulations.gov   Public Comment URL: www.regulations.gov  
RIN Data Printed in the FR: No 
Agency Contact:
FAR Policy
DOD/GSA/NASA (FAR)
1800 F Street, NW,
Washington, DC 20405
Phone:202 969-4075
Email: farpolicy@gsa.gov