(a) Agencies shall ensure that information assurance is provided for information technology in accordance with current policies, procedures, and statutes, to include-
(1) The National Security Act;
(2) The Clinger-Cohen Act;
(3) National Security Telecommunications and Information Systems Security Policy No. 11;
(4) Federal Information Processing Standards;
(5) DoD Directive 8500.1, Information Assurance;
(6) DoD Instruction 8500.2, Information Assurance Implementation;
(7) DoD Directive 8570.01, Information Assurance Training, Certification, and
Workforce Management; and
(8) DoD Manual 8570.01-M, Information Assurance Workforce Improvement Program.
(b) For all acquisitions, the requiring activity is responsible for providing to the contracting officer-
(1) Statements of work, specifications, or statements of objectives that meet information assurance requirements as specified in paragraph (a) of this subsection;
(2) Inspection and acceptance contract requirements; and
(3) A determination as to whether the information technology requires protection against compromising emanations.
