252.204-7008.dita

Files changed (1) hide show

dita/252.204-7008.dita +57 -41

dita/252.204-7008.dita CHANGED Viewed

@@ -1,47 +1,63 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE dita
-  PUBLIC "-//OASIS//DTD DITA Composite//EN" "ditabase.dtd">
-<dita xmlns:ditaarch="http://dita.oasis-open.org/architecture/2005/"
-      domains="(topic task)                            (topic concept)                            (topic concept glossentry)                            (topic concept glossgroup)                            (topic reference)                            (topic troubleshooting++task) (topic task)                            (topic abbrev-d)                            a(props deliveryTarget)                            (topic equation-d)                            (topic hazard-d)                            (topic hi-d)                            (topic indexing-d)                            (topic markup-d)                            (topic mathml-d)                            (topic pr-d)                            (topic relmgmt-d)                            (topic sw-d)                            (topic svg-d)                            (topic ui-d)                            (topic ut-d)                            (topic markup-d xml-d)                            (topic task strictTaskbody-c)   "
-      ditaarch:DITAArchVersion="1.3">
-   <concept id="DFARS_252.204-7008"
-            ditaarch:DITAArchVersion="1.3"
-            class="- topic/topic concept/concept ">
-      <title class="- topic/title ">
-         <ph props="autonumber" class="- topic/ph ">252.204-7008</ph> Compliance with Safeguarding Covered Defense Information Controls.</title>
-      <conbody outputclass="provision" class="- topic/body  concept/conbody ">
-         <p class="- topic/p ">As prescribed in
-               <xref outputclass="fm:ParaNumOnly"
-                  class="- topic/xref "
-                  base="DFARS-204.7304"
-                  href="204.7304.dita#DFARS_204.7304">204.7304</xref>
+<!DOCTYPE dita PUBLIC "-//OASIS//DTD DITA Composite//EN" "ditabase.dtd">
+<dita xmlns:ditaarch="http://dita.oasis-open.org/architecture/2005/" domains="(topic task)                            (topic concept)                            (topic concept glossentry)                            (topic concept glossgroup)                            (topic reference)                            (topic troubleshooting++task) (topic task)                            (topic abbrev-d)                            a(props deliveryTarget)                            (topic equation-d)                            (topic hazard-d)                            (topic hi-d)                            (topic indexing-d)                            (topic markup-d)                            (topic mathml-d)                            (topic pr-d)                            (topic relmgmt-d)                            (topic sw-d)                            (topic svg-d)                            (topic ui-d)                            (topic ut-d)                            (topic markup-d xml-d)                            (topic task strictTaskbody-c)   " ditaarch:DITAArchVersion="1.3">
+  <concept id="DFARS_252.204-7008" ditaarch:DITAArchVersion="1.3" class="- topic/topic concept/concept ">
+    <title class="- topic/title "><ph props="autonumber" class="- topic/ph ">252.204-7008</ph> Compliance with Safeguarding Covered Defense Information Controls.</title>
+    <conbody outputclass="provision" class="- topic/body  concept/conbody ">
+      <p class="- topic/p ">As prescribed in
+               <xref outputclass="fm:ParaNumOnly" class="- topic/xref " base="DFARS-204.7304" href="204.7304.dita#DFARS_204.7304">204.7304</xref>
             (a), use the following provision:</p>
-         <p class="- topic/p " outputclass="Ctr_SmCaps">COMPLIANCE WITH SAFEGUARDING COVERED DEFENSE INFORMATION CONTROLS (OCT 2016)</p>
-         <p outputclass="List1" class="- topic/p ">(a)  <i class="+ topic/ph hi-d/i ">Definitions</i>.  As used in this provision—</p>
-         <p class="- topic/p ">“Controlled technical information,” “covered contractor information system,” “covered defense information,” “cyber incident,” “information system,” and “technical information” are defined in clause
-               <xref outputclass="fm:ParaNumOnly"
-                  class="- topic/xref "
-                  base="i1380987"
-                  href="252.204-7012.dita#DFARS_252.204-7012">252.204-7012</xref>
+      <p class="- topic/p " outputclass="Ctr_SmCaps">COMPLIANCE WITH SAFEGUARDING COVERED DEFENSE INFORMATION CONTROLS (OCT 2016)</p>
+      <info li_elems="0"/>
+      <ol>
+        <li>
+          <p outputclass="List1" class="- topic/p "><ph props="autonumber" class="-topic/ph">(a)</ph><i class="+ topic/ph hi-d/i ">Definitions</i>.  As used in this provision—</p>
+          <p class="- topic/p ">“Controlled technical information,” “covered contractor information system,” “covered defense information,” “cyber incident,” “information system,” and “technical information” are defined in clause
+               <xref outputclass="fm:ParaNumOnly" class="- topic/xref " base="i1380987" href="252.204-7012.dita#DFARS_252.204-7012">252.204-7012</xref>
             , Safeguarding Covered Defense Information and Cyber Incident Reporting.</p>
-         <p outputclass="List1" class="- topic/p ">(b)  The security requirements required by contract clause
-               <xref outputclass="fm:ParaNumOnly"
-                  class="- topic/xref "
-                  base="i1380987"
-                  href="252.204-7012.dita#DFARS_252.204-7012">252.204-7012</xref>
+        </li>
+        <li>
+          <p outputclass="List1" class="- topic/p "><ph props="autonumber" class="-topic/ph">(b)</ph> The security requirements required by contract clause
+               <xref outputclass="fm:ParaNumOnly" class="- topic/xref " base="i1380987" href="252.204-7012.dita#DFARS_252.204-7012">252.204-7012</xref>
             , shall be implemented for all covered defense information on all covered contractor information systems that support the performance of this contract.</p>
-         <p outputclass="List1" class="- topic/p ">(c)  For covered contractor information systems that are not part of an information technology service or system operated on behalf of the Government (see
-               <xref outputclass="fm:ParaNumOnly"
-                  class="- topic/xref "
-                  base="i1380987"
-                  href="252.204-7012.dita#DFARS_252.204-7012">252.204-7012</xref>
+        </li>
+        <li>
+          <p outputclass="List1" class="- topic/p "><ph props="autonumber" class="-topic/ph">(c)</ph> For covered contractor information systems that are not part of an information technology service or system operated on behalf of the Government (see
+               <xref outputclass="fm:ParaNumOnly" class="- topic/xref " base="i1380987" href="252.204-7012.dita#DFARS_252.204-7012">252.204-7012</xref>
             (b)(2)—</p>
-         <p outputclass="List2" class="- topic/p ">(1)  By submission of this offer, the Offeror represents that it will implement the security requirements specified by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (see http://dx.doi.org/10.6028/NIST.SP.800-171) that are in effect at the time the solicitation is issued or as authorized by the contracting officer not later than December 31, 2017.</p>
-         <p outputclass="List2" class="- topic/p ">(2)(i)  If the Offeror proposes to vary from any of the security requirements specified by NIST SP 800-171 that are in effect at the time the solicitation is issued or as authorized by the Contracting Officer, the Offeror shall submit to the Contracting Officer, for consideration by the DoD Chief Information Officer (CIO), a written explanation of—</p>
-         <p outputclass="List4" class="- topic/p ">(A)  Why a particular security requirement is not applicable; or</p>
-         <p outputclass="List4" class="- topic/p ">(B)  How an alternative but equally effective, security measure is used to compensate for the inability to satisfy a particular requirement and achieve equivalent protection.</p>
-         <p outputclass="List3" class="- topic/p ">(ii)  An authorized representative of the DoD CIO will adjudicate offeror requests to vary from NIST SP 800-171 requirements in writing prior to contract award.  Any accepted variance from NIST SP 800-171 shall be incorporated into the resulting contract.</p>
-         <p outputclass="Endofprovision" class="- topic/p ">(End of provision)</p>
-      </conbody>
-   </concept>
+          <info li_elems="0"/>
+          <ol>
+            <li>
+              <p outputclass="List2" class="- topic/p "><ph props="autonumber" class="-topic/ph">(1)</ph> By submission of this offer, the Offeror represents that it will implement the security requirements specified by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (see http://dx.doi.org/10.6028/NIST.SP.800-171) that are in effect at the time the solicitation is issued or as authorized by the contracting officer not later than December 31, 2017.</p>
+            </li>
+            <li>
+              <p outputclass="List2" class="- topic/p ">
+                <ph props="autonumber" class="-topic/ph">(2)</ph>
+              </p>
+              <info li_elems="0"/>
+              <ol>
+                <li>
+                  <p outputclass="List3" class="- topic/p "><ph props="autonumber" class="-topic/ph">(i)</ph> If the Offeror proposes to vary from any of the security requirements specified by NIST SP 800-171 that are in effect at the time the solicitation is issued or as authorized by the Contracting Officer, the Offeror shall submit to the Contracting Officer, for consideration by the DoD Chief Information Officer (CIO), a written explanation of—</p>
+                  <info li_elems="0"/>
+                  <ol>
+                    <li>
+                      <p outputclass="List4" class="- topic/p "><ph props="autonumber" class="-topic/ph">(A)</ph> Why a particular security requirement is not applicable; or</p>
+                    </li>
+                    <li>
+                      <p outputclass="List4" class="- topic/p "><ph props="autonumber" class="-topic/ph">(B)</ph> How an alternative but equally effective, security measure is used to compensate for the inability to satisfy a particular requirement and achieve equivalent protection.</p>
+                      <info li_elems="2"/>
+                    </li>
+                  </ol>
+                </li>
+                <li>
+                  <p outputclass="List3" class="- topic/p "><ph props="autonumber" class="-topic/ph">(ii)</ph> An authorized representative of the DoD CIO will adjudicate offeror requests to vary from NIST SP 800-171 requirements in writing prior to contract award.  Any accepted variance from NIST SP 800-171 shall be incorporated into the resulting contract.</p>
+                </li>
+              </ol>
+            </li>
+          </ol>
+        </li>
+      </ol>
+      <p outputclass="Endofprovision" class="- topic/p ">(End of provision)</p>
+    </conbody>
+  </concept>
 </dita>