Defense Federal Acquisition Regulation Supplement (DFARS/800-171) Compliance
What is DFARS?
The Defense Federal Acquisition Regulation Supplement (DFARS) broadly stipulates that any company working with the Department of Defense, in any capacity, must meet certain data security benchmarks in order to acquire and maintain a contract.
It does not only fall to organizations hosting ‘sensitive information’ to meet this regulation – DFARS pertains to any organization looking to contract with the DoD.
DFARS Compliance: a Comprehensive guide to understanding
your requirements
Worried about DFARS? We’ve compiled everything you need to know!
Who needs to be compliant?
Anyone who is looking to win a contract to work with the DoD or other federal agencies is required to be DFARS compliant. Whether you are a large defense contractor or a smaller organization trying to win your first contract, DFARS compliance is a must.
Even if you do not currently bid on contracts with the DoD, you can take advantage of future opportunities by becoming DFARS compliant and showing your strong security posture.
What are the DFARS compliance requirements?
Adoption of 79 predefined security protocols
Implementation of cyber incident analysis and reporting
Adequate intrusion monitoring and disclosure
Pass a readiness assessment following NIST SP 800-171 guidelines
Coverage of all information, regardless of location, pertaining to Controlled Technical Information, OpSec Information, Export-Controlled Information and anything specifically related to the contract that does not fall into one of these categories.
Achieve DFARS compliance with
our simple 3-step process:
Gap Assessment
The first step to becoming DFARS-compliant is to see how your organization is meeting the minimum DFARS requirements. This is referred to as a Gap Assessment, and is designed to determine the “gaps” or holes in your business’s security posture and to show you how to fill them.
Charles IT can help make sure you are compliant so you can take on the contracts that are critical to your business. Whether you are familiar or new to DFARS compliance, a Gap Assessment should be performed so there are no surprises come audit time.
Our Charles IT GAP Assessment may uncover issues relating to:
- Control of information systems and how they are accessed
- Training processes of information system administrators and managers
- Storage of data records
- Implementation of security measures and controls
- Development and implementation of incident response
Enlist our DFARS Services
Backup and Disaster Recovery
Backup and Disaster Recovery
Dark Web Monitoring
Dark Web Monitoring
Endpoint Encryption
Endpoint Encryption
External Vulnerability Scanning
External Vulnerability Scanning
Security Awareness Training
Security Awareness Training
SIEM
SIEM
DFARS Audit Assistance
Preparing for a DFARS audit is daunting, and navigating exactly what the auditors are looking for can be stressful.
Charles IT can guide you through this complex process. We can get the ball rolling by recommending DFARS auditors and then act on your behalf to produce the evidence needed to prove your security posture and effectiveness of controls.
Do not let this process distract you from what you do best: running your business. Let Charles IT step in and help you on the path to DFARS certification!
What results to expect
Once we start working with clients to achieve DFARS compliance, we’ve seen them enjoy…
- Confidence in passing a DFARS audit
- Robust cybersecurity and disaster recovery protocols
- Increased client trust from better data management
- Peace of mind that they are secure and DFARS-compliant
Don't just take our word for it
It’s always a great feeling when you know that someone has your back. Thanks for the fast response time and professional service, Matt!
Charles IT are ALWAYS so responsive and helpful. Truly the best!
Charles IT are always thinking of everything we’re not. They listen to our needs and they don’t just point out problems, they have solutions.