Amendment Of Solicitation/modification Of Contract Page 37
ADVERTISEMENT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40CONTRACT NO.
DELIVERY ORDER NO.
AMENDMENT/MODIFICATION NO.
PAGE
FINAL
N00178-14-D-7823
EX01
04
35 of 38
categorized as IT-I, IT-II, or IT-III. The IT-II level, defined in detail in SECNAV M-5510.30, includes positions
which require access to information protected under the Privacy Act, to include Protected Health Information (PHI).
All contractor employees under this contract who require access to Privacy Act protected information are therefore
categorized no lower than IT-II. IT Levels are determined by the requiring activity’s Command Information
Assurance Manager. Contractor employees requiring privileged or IT-I level access, (when specified by the terms of
the contract) require a Single Scope Background Investigation (SSBI) which is a higher level investigation than the
National Agency Check with Law and Credit (NACLC) described below. Due to the privileged system access, a
SSBI suitable for High Risk public trusts positions is required. Individuals who have access to system control,
monitoring, or administration functions (e.g. system administrator, database administrator) require training and
certification to Information Assurance Technical Level 1, and must be trained and certified on the Operating System
or Computing Environment they are required to maintain.
Access to sensitive IT systems is contingent upon a favorably adjudicated background investigation. When access to
IT systems is required for performance of the contractor employee’s duties, such employees shall in-process with the
Navy Command’s Security Manager and Information Assurance Manager upon arrival to the Navy command and
shall out-process prior to their departure at the completion of the individual’s performance under the contract.
Completion and approval of a System Authorization Access Request Navy (SAAR-N) form is required for all
individuals accessing Navy Information Technology resources. The decision to authorize access to a government IT
system/network is inherently governmental. The contractor supervisor is not authorized to sign the SAAR-N;
therefore, the government employee with knowledge of the system/network access required or the COR shall sign
the SAAR-N as the “supervisor”.
The SAAR-N shall be forwarded to the Navy Command’s Security Manager at least 30 days prior to the
individual’s start date. Failure to provide the required documentation at least 30 days prior to the individual’s start
date may result in delaying the individual’s start date. When required to maintain access to required IT systems or
networks, the contractor shall ensure that all employees requiring access complete annual Information Assurance (IA)
training, and maintain a current requisite background investigation. The Contractor’s Security Representative shall
contact the Command Security Manager for guidance when reinvestigations are required.
INTERIM ACCESS
The Navy Command's Security Manager may authorize issuance of a DoD CAC and interim access to a DoN or
DoD unclassified computer/network upon a favorable review of the investigative questionnaire and advance favorable
fingerprint results. When the results of the investigation are received and a favorable determination is not made, the
contractor employee working on the contract under interim access will be denied access to the computer network and
this denial will not relieve the contractor of his/her responsibility to perform.
DENIAL OR TERMINATION OF ACCESS
The potential consequences of any requirement under this clause including denial or termination of physical or
system access in no way relieves the contractor from the requirement to execute performance under the contract
within the timeframes specified in the contract. Contractors shall plan ahead in processing their employees and
subcontractor employees. The contractor shall insert this clause in all subcontracts when the subcontractor is
permitted to have unclassified access to a federally controlled facility, federally-controlled information
system/network and/or to government information, meaning information not authorized for public release.
CONTRACTOR’S SECURITY REPRESENTATIVE
The contractor shall designate an employee to serve as the Contractor’s Security Representative. Within three work
days after contract award, the contractor shall provide to the requiring activity’s Security Manager and the
Contracting Officer, in writing, the name, title, address and phone number for the Contractor’s Security
Representative. The Contractor’s Security Representative shall be the primary point of contact on any security
matter. The Contractor’s Security Representative shall not be replaced or removed without prior notice to the
Contracting Officer and Command Security Manager.
BACKGROUND INVESTIGATION REQUIREMENTS AND SECURITY APPROVAL PROCESS FOR
CONTRACTORS ASSIGNED TO NATIONAL SECURITY POSITIONS OR PERFORMING
SENSITIVE DUTIES
Navy security policy requires that all positions be given a sensitivity value based on level of risk factors to ensure
ADVERTISEMENT
0 votes
Related Articles
Related forms
Related Categories
Parent category: Business