Final Rule on Supply Chain Risk Fails to Provide Additional Guidance, Protection, or Relief from Uncertain Application
Client Alert | 1 min read | 11.02.15
On October 30, DoD published a final rule (a) requiring evaluation of supply chain risk when acquiring information technology that is either a covered National Security System ("NSS"), part of a covered NSS, or in support of a covered NSS; and (b) authorizing DoD to exclude primes or subs from a particular procurement if they fail to mitigate identified supply chain risks adequately. DoD made relatively modest changes to the 2013 interim rule (e.g., removing the flow-down requirement applicable to subs at any tier) but largely rejected industry input (e.g., declining to identify specific standards or controls to mitigate supply chain risk and declining to create a mechanism for challenging exclusion from a particular source selection).
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 4 min read | 02.05.26
EU–Brazil Mutual Adequacy: A Milestone for Global Data Flows and Latin America’s Digital Positioning
On January 27, the EU and Brazil announced their positive determination on the mutual adequacy of Brazil’s and the EU’s data privacy frameworks — confirming the growing importance of transatlantic data transfers and the EU-Mercosur relationship. This adequacy decision, while not formally tied to the EU-Mercosur trade negotiations, is a historic development that can facilitate cross-border data transfers and fuel shared economic growth driven by data-centered service sectors.
Client Alert | 4 min read | 02.04.26
DOJ Antitrust Division Issues First-Ever Award Under Whistleblower Rewards Program
Client Alert | 4 min read | 02.04.26
New York District Court Confirms Insurance Coverage Must Mean Something
Client Alert | 13 min read | 02.04.26
