Common use of APPLICABLE PUBLICATIONS (CURRENT EDITIONS) Clause in Contracts

APPLICABLE PUBLICATIONS (CURRENT EDITIONS). 6.1. The Contractor (to include subcontractors) must abide by all applicable regulations, publications, manuals, and local policies and procedures. • AR 25-2, Army Cybersecurity • AR 530-1, Operations Security • DOD 8570.01 M Information Assurance Workforce Improvement Program, Incorporating Change 4, 11/102015 • Department of Defense Directive (▇▇▇▇) 8140.01, Cyberspace Workforce Management DoD Instruction (▇▇▇▇) 8510.10, Risk Management Framework (RMF) for DoD Information Technology (IT) • National Institutes of Standards and Technology (NIST) Special Publication (SP) 800-53 Rev. 4 (or latest final version) National Security and Privacy Controls for Federal Information Systems and Organizations • NIST SP 800-37 Rev. 1 (or latest final version) Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach • Federal Information Processing Standards Publication (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems • Federal Information Processing Standards Publication (FIPS) 200 Minimum Security Requirements for Federal Information and Information Systems • FAR, DFARS, and AFARS • ▇▇▇▇ 8510.01 “Risk Management Framework (RMF) for DoD Information Technology (IT) • National Institute of Standards and Technology Special Publication (NIST) 800-37 “Guide for Applying the Risk Management Framework to Federal Information Systems • Committee on National Security Systems (CNSS) Instruction No. 1253, “Security Categorization and Control Selection for National Security Systems • NIST 800-53, “Recommended Security Controls for Federal Information Systems and Organizations”

APPLICABLE PUBLICATIONS (CURRENT EDITIONS). 6.1. The Contractor (to include subcontractors) must abide by all applicable regulations, publications, manuals, and local policies and procedures. •  AR 25-2, Army Cybersecurity •  AR 530-1, Operations Security •  DOD 8570.01 M Information Assurance Workforce Improvement Program, Incorporating Change 4, 11/102015 •  Department of Defense Directive (▇▇▇▇) 8140.01, Cyberspace Workforce Management DoD Instruction (▇▇▇▇) 8510.10, Risk Management Framework (RMF) for DoD Information Technology (IT) •  National Institutes of Standards and Technology (NIST) Special Publication (SP) 800-53 Rev. 4 (or latest final version) National Security and Privacy Controls for Federal Information Systems and Organizations •  NIST SP 800-37 Rev. 1 (or latest final version) Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach •  Federal Information Processing Standards Publication (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems •  Federal Information Processing Standards Publication (FIPS) 200 Minimum Security Requirements for Federal Information and Information Systems •  FAR, DFARS, and AFARS •  ▇▇▇▇ 8510.01 “Risk Management Framework (RMF) for DoD Information Technology (IT) •  National Institute of Standards and Technology Special Publication (NIST) 800-37 “Guide for Applying the Risk Management Framework to Federal Information Systems •  Committee on National Security Systems (CNSS) Instruction No. 1253, “Security Categorization and Control Selection for National Security Systems •  NIST 800-53, “Recommended Security Controls for Federal Information Systems and Organizations”