Updating gsa advantage sip
The final cybersecurity incident reporting rule will require contracting officers to include cyber incident reporting requirements within GSA contracts and orders placed against GSA multiple award contracts.The final rule will also outline the roles and reporting responsibilities of the GSA contracting officer, contractors, and agencies ordering off of GSA contracts; establish a contractor’s reporting obligations where the confidentiality, integrity, or availability of GSA information or information systems are potentially compromised or where the information nor information systems owned or managed by or on behalf of the U. Government is potentially compromised; establish explicit timeframes for reporting cyber incidents; describe the details and required elements of a cyber incident report; provide Government points of contact for submitting reports; and explain the process for determining which agency will be primarily responsible for the cyber incident.She has experience in producing schedule renewal packages, various modification packages, small business subcontracting plans, and updates to GSA pricelists.Beginning in April 2018, the General Services Administration (GSA) will publish for 60 days of public comment updates to its cybersecurity requirements for eventual integration into the GSA Acquisition Regulation (GSAR). 12, 2018).] Then, beginning in August 2018, the GSA will publish for 60 days of public comments updates to its cyber incident reporting requirements for GSA contractors. 12, 2018).] GSA’s brief description of the updates and some factors it might consider are summarized below. GSA’s New Cybersecurity Requirements Currently, the GSA cybersecurity requirements mandate that contractors protect the confidentiality, integrity, and availability of unclassified GSA information and information systems from cybersecurity vulnerabilities and threats in accordance with the Federal Information Security Modernization Act of 2014 and associated Federal cybersecurity requirements.GSA might also explicitly recognize that while compliance with SP 800-171 is expected, there may be events in which additional cybersecurity is warranted. 40293.] Currently, GSA requires that initial notification be completed within 60 calendar days of the date the incident was determined to be a breach, unless communication cannot occur during this time frame.
And, while the GSA determines on a case-by-case basis whether credit monitoring will be offered under the existing policy, it might be better to simply have a standing rule requiring that such services be provided and then see how many people actually sign up for the service.The Formatted Product Tool was built to make managing your contract easier and to streamline the modification process.First of all, we can all celebrate the impending death of the Schedule Input Program (SIP)! Also, the new tool will removing a step from the process.Now, you submit a modification and once that modification is submitted you update your SIP files.
The new process will include updating your GSA Advantage files when you upload the modification itself. For example, if you are submitting a product addition modification or a pricing modification the system will tell you where you stand compared to other vendors with the same product on Contract.Essentially this means taking what you already have approved on GSA Advantage and uploading this through FPT.