GSA seeks proof of systems security from vendors

The General Services Administration wants more proof its vendors are securing the agency’s systems — and GSA is not just stopping at the prime contractor level.

GSA issued a final rule today requiring both prime and subcontractors to submit an IT security plan detailing how they are meeting federal cyber laws and regulations.

Along with the plan, GSA wants to inspect contractors and subcontractors’ facilities, databases, devices and IT systems used in the performance of the contract to ensure the agency’s data is secure.

GSA stated it plans to insert new clauses into contracts for any IT supplies, services or systems in which the contractor will have access to government information that supports GSA’s mission.


This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.