Final Rule on Supply Chain Risk Fails to Provide Additional Guidance, Protection, or Relief from Uncertain Application
Client Alert | 1 min read | 11.02.15
On October 30, DoD published a final rule (a) requiring evaluation of supply chain risk when acquiring information technology that is either a covered National Security System ("NSS"), part of a covered NSS, or in support of a covered NSS; and (b) authorizing DoD to exclude primes or subs from a particular procurement if they fail to mitigate identified supply chain risks adequately. DoD made relatively modest changes to the 2013 interim rule (e.g., removing the flow-down requirement applicable to subs at any tier) but largely rejected industry input (e.g., declining to identify specific standards or controls to mitigate supply chain risk and declining to create a mechanism for challenging exclusion from a particular source selection).
Contacts
Partner and Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 8 min read | 04.27.26
Deadlock Broken: EU Adopts 20th Russia Sanctions Package
The EU has adopted its 20th package of sanctions in connection with Russia's ongoing war against Ukraine, resolving a prolonged internal political deadlock that had been caused by vetoes from Hungary and Slovakia. The package amends Regulations 833/2014, 269/2014, and 765/2006 and the respective Council Decisions and Implementing Regulations. The texts entered into force on 24 April 2026. They are available through this link.
Client Alert | 5 min read | 04.27.26
Drift Protocol Exploit: Why “Social Trust” Is the Newest Cybersecurity Gap
Client Alert | 11 min read | 04.27.26
EU Pharma Package: Access Conditionalities and Shortage Measures Compromise Proposal
Client Alert | 4 min read | 04.27.26
Gaming Addiction Litigation: Turner v. Epic Games & Roblox and What It Means for the Industry
