FAR 52.204-21

Cybersecurity is a requirement

What FAR 52.204-21?

On May 16, 2016 the Federal Government mandated Contractors to protect their IT systems with 15 security controls via a federal acquisition regulation clause (FAR) 52.204-21 “Basic Safeguarding of Covered Contractor Information Systems”.

A covered contractor information system is any information system that processes, stores, or transmits federal contract information. For most small and medium sized companies this will likely encompass all of their IT systems, as a result the 15 mandated security controls will need to be applied. Keeping in mind that in the near future the Federal government will require 110 controls from the NIST SP 800-171 framework as opposed to only the only 15 required now organizations should look to the future.

Desired Outcomes can help implement the currently required 15 controls and the future required NIST SP 800-171 controls.

Learn More

Become FAR 52.204-21 Compliant

The staff at Desired Outcomes has experience implementing the controls required for meeting FAR 52.204-21 compliance. We have the capability to plan, document, and deploy the 15 cybersecurity controls required for you to work on Federal contracts. We can also implement the 110 NIST SP 800-171 controls which will be required in future federal contracts.

Reach out for a free consultation

The below button will take you to a google form, once submitting a consultant will reach out to you.