Federal Acquisition Regulation; Federal Acquisition Circular 2024-04; Small Entity Compliance Guide, 22605-22606 [2024-06412]
Download as PDF
<![CDATA[
Federal Register / Vol. 89, No. 63 / Monday, April 1, 2024 / Rules and Regulations
emerging technology risks). The new
FAR part 40 would be structured based
on the objectives of the regulation
(similar to the way environmental
objectives are covered in part 23 and
labor objectives are addressed in part
22). Security-related requirements that
include, but are not limited to,
information and communications
technology (ICT) will be covered in FAR
part 40. An example of security-related
requirements that include, but are not
limited to, ICT are the security-related
requirements from section 889 of the
John S. McCain National Defense
Authorization Act for Fiscal Year 2019
(Pub. L. 115–232). Security-related
requirements that only apply to ICT
acquisitions will continue to be covered
in part 39.
Supply chain and information risks
that are unrelated to security risks are
covered in other parts of the FAR (e.g.,
part 22 for labor and human trafficking
risks and part 23 for climate-related
risks).
II. Publication of This Final Rule for
Public Comment Is Not Required by
Statute
ddrumheller on DSK120RN23PROD with RULES5
The statute that applies to the
publication of the FAR is 41 U.S.C.
1707. Subsection (a)(1) of 41 U.S.C.
1707 requires that a procurement policy,
regulation, procedure, or form
(including an amendment or
modification thereof) must be published
for public comment if it relates to the
expenditure of appropriated funds, and
has either a significant effect beyond the
internal operating procedures of the
agency issuing the policy, regulation,
procedure, or form, or has a significant
cost or administrative impact on
contractors or offerors. This final rule is
not required to be published for public
comment because it is only establishing
a framework for a new FAR part and
does not implement any policies or
procedures that apply to the public.
This rule only affects the internal
operating procedures of the Government
and without a significant cost or
administrative impact on contractors or
offerors.
III. Applicability to Contracts at or
Below the Simplified Acquisition
Threshold (SAT) and for Commercial
Products, Including Commercially
Available Off-the-Shelf (COTS) Items,
or Commercial Services
This rule does not create new
solicitation provisions or contract
clauses or impact any existing
provisions or clauses.
VerDate Sep<11>2014
18:11 Mar 29, 2024
Jkt 262001
IV. Executive Orders 12866 and 13563
Executive Orders (E.O.s) 12866 (as
amended by E.O. 14094) and 13563
direct agencies to assess the costs and
benefits of available regulatory
alternatives and, if regulation is
necessary, to select regulatory
approaches that maximize net benefits
(including potential economic,
environmental, public health and safety
effects, distributive impacts, and
equity). E.O. 13563 emphasizes the
importance of quantifying both costs
and benefits, of reducing costs, of
harmonizing rules, and of promoting
flexibility. This is not a significant
regulatory action and, therefore, was not
subject to review under Section 6(b) of
E.O. 12866, Regulatory Planning and
Review, dated September 30, 1993.
V. Congressional Review Act
Pursuant to the Congressional Review
Act, DoD, GSA, and NASA will send
this rule to each House of the Congress
and to the Comptroller General of the
United States. The Office of Information
and Regulatory Affairs (OIRA) in the
Office of Management and Budget has
determined that this rule does not meet
the definition in 5 U.S.C. 804(2).
VI. Regulatory Flexibility Act
Because a notice of proposed
rulemaking and an opportunity for
public comment are not required to be
given for this rule under 41 U.S.C.
1707(a)(1) (see section II. of this
preamble), the analytical requirements
of the Regulatory Flexibility Act (5
U.S.C. 601–612) are not applicable.
Accordingly, no regulatory flexibility
analysis is required, and none has been
prepared.
22605
Subpart 40.1—[Reserved]
Subpart 40.2—[Reserved]
Subpart 40.3—[Reserved]
Authority: 40 U.S.C. 121(c); 10 U.S.C.
chapter 4 and 10 U.S.C. chapter 137 legacy
provisions (see 10 U.S.C. 3016); and 51
U.S.C. 20113.
40.000
Scope of part.
(a) This part addresses broad security
requirements that apply to acquisitions
of products and services. It prescribes
policies and procedures for managing
information security and supply chain
security when acquiring products and
services that include, but are not limited
to, information and communications
technology (ICT).
(b) See part 39 for security-related
policies and procedures that only apply
to ICT.
(c) See parts 4, 24, and 46 for
additional policies and procedures
related to managing information
security and supply chain security.
(d) Information and supply chain
policies and procedures that are
unrelated to security are covered in
other parts of the FAR (e.g., part 22 for
labor and human trafficking risks and
part 23 for climate-related risks).
Subpart 40.1—[Reserved]
Subpart 40.2—[Reserved]
Subpart 40.3—[Reserved]
[FR Doc. 2024–06411 Filed 3–29–24; 8:45 am]
BILLING CODE 6820–EP–P
DEPARTMENT OF DEFENSE
GENERAL SERVICES
ADMINISTRATION
VII. Paperwork Reduction Act
This rule does not contain any
information collection requirements that
require the approval of the Office of
Management and Budget under the
Paperwork Reduction Act (44 U.S.C.
3501–3521).
NATIONAL AERONAUTICS AND
SPACE ADMINISTRATION
List of Subjects in 48 CFR Part 40
Federal Acquisition Regulation;
Federal Acquisition Circular 2024–04;
Small Entity Compliance Guide
Government procurement.
William F. Clark,
Director, Office of Government-wide
Acquisition Policy, Office of Acquisition
Policy, Office of Government-wide Policy.
Therefore, DoD, GSA, and NASA
amend 48 CFR chapter 1 by adding part
40 to read as follows:
■
PART 40—INFORMATION SECURITY
AND SUPPLY CHAIN SECURITY
Sec.
40.000
PO 00000
Scope of part.
Frm 00003
Fmt 4701
Sfmt 4700
48 CFR Chapter 1
[Docket No. FAR–2024–0051, Sequence No.
2]
Department of Defense (DoD),
General Services Administration (GSA),
and National Aeronautics and Space
Administration (NASA).
ACTION: Small Entity Compliance Guide
(SECG).
AGENCY:
This document is issued
under the joint authority of DoD, GSA,
and NASA. This Small Entity
Compliance Guide has been prepared in
accordance with section 212 of the
SUMMARY:
E:\FR\FM\01APR5.SGM
01APR5
22606
Federal Register / Vol. 89, No. 63 / Monday, April 1, 2024 / Rules and Regulations
Small Business Regulatory Enforcement
Fairness Act of 1996. It consists of a
summary of the rule appearing in
Federal Acquisition Circular (FAC)
2024–04, which amends the Federal
Acquisition Regulation (FAR).
Interested parties may obtain further
information regarding this rule by
referring to FAC 2024–04, which
precedes this document.
DATES: April 1, 2024.
ADDRESSES: The FAC, including the
SECG, is available at https://
www.regulations.gov.
FOR FURTHER INFORMATION CONTACT:
For
ddrumheller on DSK120RN23PROD with RULES5
clarification of content, contact the
analyst whose name appears in the table
below. Please cite FAC 2024–04 and the
FAR Case number. For information
pertaining to status or publication
schedules, contact the Regulatory
Secretariat Division at 202–501–4755 or
VerDate Sep<11>2014
18:11 Mar 29, 2024
Jkt 262001
GSARegSec@gsa.gov. An asterisk (*)
next to a rule indicates that a regulatory
flexibility analysis has been prepared.
RULES LISTED IN FAC 2024–04
Subject
FAR case
Establishing Federal Acquisition Regulation Part 40.
2022–010
Analyst
Jones.
A
summary for the FAR rule follows. For
the actual revisions and/or amendments
made by this FAR rule, refer to the
specific subject set forth in the
document preceding this summary. FAC
2024–04 amends the FAR as follows:
SUPPLEMENTARY INFORMATION:
Establishing Federal Acquisition
Regulation Part 40 (FAR Case 2022–
010)
This final rule amends the Federal
Acquisition Regulation (FAR) to add the
PO 00000
Frm 00004
Fmt 4701
Sfmt 9990
framework for a new FAR part on
information security and supply chain
security. The new FAR part will be used
to prescribe policies and procedures for
managing information security and
supply chain security when acquiring
products and services. The creation of
this new FAR part does not implement
any of the information security and
supply chain security policies or
procedures. Relocation of the related
existing policies or procedures will be
done through separate rulemaking.
William F. Clark,
Director, Office of Government-wide
Acquisition Policy, Office of Acquisition
Policy, Office of Government-wide Policy.
[FR Doc. 2024–06412 Filed 3–29–24; 8:45 am]
BILLING CODE 6820–EP–P
E:\FR\FM\01APR5.SGM
01APR5
]]>Agencies
[Federal Register Volume 89, Number 63 (Monday, April 1, 2024)]
[Rules and Regulations]
[Pages 22605-22606]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-06412]
-----------------------------------------------------------------------
DEPARTMENT OF DEFENSE
GENERAL SERVICES ADMINISTRATION
NATIONAL AERONAUTICS AND SPACE ADMINISTRATION
48 CFR Chapter 1
[Docket No. FAR-2024-0051, Sequence No. 2]
Federal Acquisition Regulation; Federal Acquisition Circular
2024-04; Small Entity Compliance Guide
AGENCY: Department of Defense (DoD), General Services Administration
(GSA), and National Aeronautics and Space Administration (NASA).
ACTION: Small Entity Compliance Guide (SECG).
-----------------------------------------------------------------------
SUMMARY: This document is issued under the joint authority of DoD, GSA,
and NASA. This Small Entity Compliance Guide has been prepared in
accordance with section 212 of the
[[Page 22606]]
Small Business Regulatory Enforcement Fairness Act of 1996. It consists
of a summary of the rule appearing in Federal Acquisition Circular
(FAC) 2024-04, which amends the Federal Acquisition Regulation (FAR).
Interested parties may obtain further information regarding this rule
by referring to FAC 2024-04, which precedes this document.
DATES: April 1, 2024.
ADDRESSES: The FAC, including the SECG, is available at https://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: For clarification of content, contact
the analyst whose name appears in the table below. Please cite FAC
2024-04 and the FAR Case number. For information pertaining to status
or publication schedules, contact the Regulatory Secretariat Division
at 202-501-4755 or [email protected]. An asterisk (*) next to a rule
indicates that a regulatory flexibility analysis has been prepared.
Rules Listed in FAC 2024-04
------------------------------------------------------------------------
Subject FAR case Analyst
------------------------------------------------------------------------
Establishing Federal Acquisition 2022-010 Jones.
Regulation Part 40.
------------------------------------------------------------------------
SUPPLEMENTARY INFORMATION: A summary for the FAR rule follows. For the
actual revisions and/or amendments made by this FAR rule, refer to the
specific subject set forth in the document preceding this summary. FAC
2024-04 amends the FAR as follows:
Establishing Federal Acquisition Regulation Part 40 (FAR Case 2022-010)
This final rule amends the Federal Acquisition Regulation (FAR) to
add the framework for a new FAR part on information security and supply
chain security. The new FAR part will be used to prescribe policies and
procedures for managing information security and supply chain security
when acquiring products and services. The creation of this new FAR part
does not implement any of the information security and supply chain
security policies or procedures. Relocation of the related existing
policies or procedures will be done through separate rulemaking.
William F. Clark,
Director, Office of Government-wide Acquisition Policy, Office of
Acquisition Policy, Office of Government-wide Policy.
[FR Doc. 2024-06412 Filed 3-29-24; 8:45 am]
BILLING CODE 6820-EP-P
