Common use of Information System Security Clause in Contracts

Information System Security. The Contractor shall act as a temporary point-of-contact in the absence of the Federal IAO/NTR Information Assurance Officer/Network Technical Representative (IAO/NTR). The Contractor shall, at a minimum, perform the following security administration tasks:  User support: a. Recommend to the Federal IAO/NTR and, as needed, nominating qualified network users for approval by the NRL Security Networking Group. b. Ensuring SSD IT users have access to the network, only after approval by the NRL Code 1220. c. Training new SSD IT users on the proper operating and security procedures. d. Ensuring departed users accounts are secured and closed according to NRL directives and policies. e. Ensure appropriate vetting process, training and forms are completed according to the type of SSD IT account needed (i.e., contractor, Federal Employee, Collaborator, Foreign National, etc.)  SSD IT systems support: a. Ensuring that approved configurations of connected systems are maintained and that configuration changes are approved by the NRL Security Networking Group before implementation. b. Using Shavlik HFNetChk and windows group policies, ensuring that the Division desktop and portable IT systems and the SSD shared computer systems and infrastructure meet DoD and DoN security standards, and reporting completed IAVA/B’s to the SSD NTR or NRL Security Networking Group or both in accordance with technical direction. c. Notifying the COR, the Federal IAO/NTR, and the NRL Security Networking Group of security violations or suspicious activities pertaining to the SSD computer systems, servers and the SSD shared computer systems and infrastructure.

Information System Security. The Contractor shall act as a temporary point-of-contact in the absence of the Federal IAO/NTR Information Assurance Officer/Network Technical Representative (IAO/NTR). The Contractor shall, at a minimum, perform the following security administration tasks:  • User support: a. Recommend to the Federal IAO/NTR and, as needed, nominating qualified network users for approval by the NRL Security Networking Group. b. Ensuring SSD IT users have access to the network, only after approval by the NRL Code 1220. c. Training new SSD IT users on the proper operating and security procedures. d. Ensuring departed users accounts are secured and closed according to NRL directives and policies. e. Ensure appropriate vetting process, training and forms are completed according to the type of SSD IT account needed (i.e., contractor, Federal Employee, Collaborator, Foreign National, etc.)  • SSD IT systems support: a. Ensuring that approved configurations of connected systems are maintained and that configuration changes are approved by the NRL Security Networking Group before implementation. b. Using Shavlik HFNetChk and windows group policies, ensuring that the Division desktop and portable IT systems and the SSD shared computer systems and infrastructure meet DoD and DoN security standards, and reporting completed IAVA/B’s to the SSD NTR or NRL Security Networking Group or both in accordance with technical direction. c. Notifying the COR, the Federal IAO/NTR, and the NRL Security Networking Group of security violations or suspicious activities pertaining to the SSD computer systems, servers and the SSD shared computer systems and infrastructure.