DFARS 252.204-7012 Compliance Consulting

Nearly 100% of dod contracts require both primes and their subcontractors to comply with both nist sp 800-171 and dfars compliance

If your company provides products or services being sold to the Department of Defense (DoD) you are required to comply with the minimum cybersecurity standards set by DFARS.

TALK TO AN EXPERT...

FREE GUIDE: How to become compliant with DoD information security laws and prepare for CMMC Certification. In this free guide we teach you the exact first steps we take when preparing to help our clients become more secure and get compliant. 

Contact Us

DFARS Requirements go beyond what is required by the NIST SP 800-171 standard. If you are doing business with the Department of Defense it is critical to understand what DFARS clauses have been included in your contract and what you must do to comply so you are not subject to penalties that can include losing your contract and being black listed by the DoD.

Fun Facts About Common DFARS Requirements That Likely Affect You:

  • If you have a DFARS 252.204-7012 requirement regular commercial versions of Microsoft Office 365 are not an allowable communication method and do not meet FedRAMP requirements.
  • You have 72 hours to report a cyber incident to the DoD. Failure to do so following proper procedure is a violation of DFARS rules and you may be subject to penalty and/or losing your contract.
  • Under DFARS rules many cloud solutions are not allowed and do not meet the requirements.
  • Upon request by the DoD, the Contractor shall provide DoD with access to additional information or equipment that is necessary to conduct a forensic analysis. This means you must be able to allow the DoD to access your systems if they request it in order for them to conduct their own investigation of a cyber incident. 
  • Depending upon what DFARS requirements are in your contract you may be required to make sure all of your subcontractors are also compliant (Flow Down). Failure to ensure the transfer of information to a compliant sub-contractor can be grounds for penalty or contract loss.

get a dfars expert on call for you

when a full time on staff compliance officer is not a practical solution on call computer solutions fills the gap with on call compliance expertise available as needed.

Keeping up with compliance can be a full time job. If you are a small to mid-size organization or have only a portion of your business focused on work with the DoD it may not be financially feasible to have this expertise on staff. 

On Call empowers small to mid size companies with fractional and on demand compliance consulting and expertise. Why hire a dedicated person when you can pay less and gain access to an entire team of experts who eat, sleep and breathe compliance every day for a fraction of the price. Pay only for what you use and operate safely with on demand access to the expertise you need when you need it.

7 1

DOWNLOAD

FREE GUIDE: How to become compliant with DoD information security laws and prepare for CMMC Certification. In this free guide we teach you the exact first steps we take when preparing to help our clients become more secure and get compliant. 

Backed by an award-winning cyber security and IT management team, On Call Compliance Solutions is the #1 source for CMMC, NIST SP 800-171 Compliance, DFARS and ITAR consulting. Give us a call now to schedule a free phone call with one of our compliance experts to see how we can help.

NIST SP 800-171 Compliance Experts

CONTACT US

Fill out the form below to get a FREE consultation with one of our CMMC, NIST SP 800-171, DFARS and ITAR experts who can help you achieve your goals. There is never a fee or obligation to find out how we can help.

Contact Us

Lets Connect

WAIT!

DO YOU HAVE QUESTIONS?

Schedule a FREE Call With One Of Our Compliance Experts By Clicking The Button Below…

SCHEDULE A FREE CALL