Government Regulations

government office


If your company provides products or services for the Department of Defense (DoD), you will need to meet new cybersecurity standards and certification set by the Defense Federal Acquisition Regulation Supplement (DFARS).

DFARS provides a set of security controls to safeguard information systems where contractor data resides.  Currently, cybersecurity is based on the National Institute of Standards and Technology (NIST), the NIST Special Publication 800-171 “Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations” and organizations need to implement the security controls through all levels of their supply chain.

Transitioning From DFARS

The Office of the Under Secretary of Defense for Acquisition & Sustainment (OUSD(A&S)) and the DoD are now transitioning to the new Cybersecurity Maturity Model Certification (CMMC) framework, which combines standards from NIST, ISO and AIA, and will require a third-party audit and certification by a CMMC Third Party Assessment Organization (C3PAOs).

On September 29, 2020 the Defense Acquisitions Regulation System released a new DFARs Interim Rule to supplement the current DFARS regulation 7012 as a procedure that helps bridge the gap between NIST 800-171 while CMMC is still being enacted.  

DFARS Interim Rule
Gearing Up for CMMC

What the DFARS Interim Rule Means for Government Contractors

While the CMMC is being rolled out over the next few years, the DFARS Interim Rule went into effect November 30th, 2020.

Do you know how to navigate the new NIST and CMMC cybersecurity requirements? 

Questions about Government Compliance?
Consult with our team of experts at Clarus Tech Partners.  Contact us

Download Your
DFARS Interim Rule Guide

Thank you for your interest in Clarus Tech Partners' DFARS Interim Guide. You should receive an email shortly from us with a link to download.

Need help understanding or implementing the NIST SP 800-171/DFARs/CMMC requirements? Contact Us