Common use of PROCEDURES FOR SECURITY Clause in Contracts

PROCEDURES FOR SECURITY. SSA and DHS will comply with the requirements of the Federal Information Security Management Act (FISMA), 44 U.S.C. §§ 3541-3549; related OMB circulars and memoranda, such as Circular A-130, Management of Federal Information Resources (Nov. 28, 2000), and Memorandum M-06-16, Protection of Sensitive Agency Information (June 23, 2006); National Institute of Standards and Technology (NIST) directives; and the Federal Acquisition Regulations, including any applicable amendments published after the effective date of this agreement. These laws, directives, and regulations include requirements for safeguarding Federal information systems and personally identifiable information (PII) used in Federal agency business processes, as well as related reporting requirements. Both agencies recognize and will implement the laws, regulations, NIST standards, and OMB directives including those published subsequent to the effective date of this agreement. FISMA requirements apply to all Federal contractors, organizations, or entities that possess or use Federal information, or that operate, use, or have access to Federal information systems on behalf of an agency. Both agencies are responsible for oversight and compliance of their contractors and agents.