Implementation of Information Technology Security Requirements; GSAR Sections Affected: 511.170, 511.171

This information collection applies to General Services Administration (GSA) contracts requiring contractors accessing information systems that support the operations and assets of GSA, another agency, contractor, or other source, to comply with GSA’s IT security policies and procedures to adhere to applicable Federal laws that include, but are not limited to: ● 40 U.S.C. 11331 (Responsibilities for Federal Information Systems Standards), ● Federal Information Security Modernization Act (FISMA) of 2014, ● Various National Institute of Standards and Technology (NIST) publications (i.e., FIPS PUB 199 - Standards for Security Categorization of Federal Information and Information Systems, FIPS Pub 200 - Minimum Security Requirements for Federal Information and Information Systems, NIST 800-53 - Security and Privacy Controls for Information Systems and Organizations) and the E-Government Act of 2002. The following General Services Administration Acquisition Regulation (GSAR) sections are covered by this information collection: ● 511.170 Information Technology Coordination and Standards ● 511.171 Requirements for GSA Information Systems

The latest form for Implementation of Information Technology Security Requirements; GSAR Sections Affected: 511.170, 511.171 expires 2027-03-31 and can be found here.