Common use of Operations Security (OPSEC Clause in Contracts

Operations Security (OPSEC. The Contractor shall develop, implement, and maintain an OPSEC program to protect controlled unclassified and classified activities, information, equipment, and material used or developed by the Contractor and any subcontractor during performance of the Contract. The Contractor shall be responsible for the subcontractor implementation of the OPSEC requirements. This program may include Information Assurance and Communications Security (COMSEC). The OPSEC program shall be IAW National Security Decision Directive (NSDD) 298 and at a minimum shall include: a. Assignment of responsibility for OPSEC direction and implementation. b. Issuance of procedures and planning guidance for the use of OPSEC techniques to identify vulnerabilities and apply applicable countermeasures. c. Establishment of OPSEC education and awareness training. d. Provisions for management, annual review, and evaluation of OPSEC programs. e. Flow down of OPSEC requirements to subcontractors when applicable. While performing aboard Government or Government sites, the Contractor shall comply with facility OPSEC program instructions and contribute to organization-level OPSEC efforts; include OPSEC as part of its ongoing security awareness program and take all required Agency training; be responsive to the Supporting OPSEC Manager on a non- interference basis; and protect sensitive unclassified information and activities which could compromise classified information or operations or degrade the planning and execution of operations performed by the Requirements Owner and Contractor in support of the mission. OPSEC CDRLs requirements will be defined on a per TO basis.

Operations Security (OPSEC. The Contractor shall develop, implement, and maintain an OPSEC program to protect controlled unclassified and classified activities, information, equipment, and material used or developed by the Contractor and any subcontractor during performance of the Contractcontract. The Contractor shall be responsible for the subcontractor implementation of the OPSEC requirements. This program may include Information Assurance and Communications Security (COMSEC). The OPSEC program shall be IAW in accordance with National Security Decision Directive (NSDD) 298 298, and at a minimum shall include: a. : Assignment of responsibility for OPSEC direction and implementation. b. . Issuance of procedures and planning guidance for the use of OPSEC techniques to identify vulnerabilities and apply applicable countermeasures. c. . Establishment of OPSEC education and awareness training. d. . Provisions for management, annual review, and evaluation of OPSEC programs. e. . Flow down of OPSEC requirements to subcontractors when applicable. While performing aboard Government or at Government sites, the Contractor shall comply shall: Comply with facility OPSEC program instructions and contribute to organization-level OPSEC efforts; include . Include OPSEC as part of its ongoing security awareness program and take all required Agency training; be . Be responsive to the Supporting OPSEC Manager on a non- non-interference basis; and protect . Protect sensitive unclassified information and activities activities, which could compromise classified information or operations operations, or degrade the planning and execution of operations performed by the Requirements Owner RO and Contractor in support of the mission. OPSEC CDRLs requirements will be defined on a per TO basis.

Operations Security (OPSEC. The Contractor shall develop, implement, and maintain an OPSEC program to protect controlled unclassified and classified activities, information, equipment, and material used or developed by the Contractor and any subcontractor during performance of the Contract. The Contractor shall be responsible for the subcontractor implementation of the OPSEC requirements. This program may include Information Assurance (IA) and Communications Security (COMSEC). The OPSEC program shall be IAW National Security Decision Directive (NSDD) 298 and at a minimum shall include: a. 1) Assignment of responsibility for OPSEC direction and implementation. b. 2) Issuance of procedures and planning guidance for the use of OPSEC techniques to identify vulnerabilities and apply applicable countermeasures. c. 3) Establishment of OPSEC education and awareness training. d. 4) Provisions for management, annual review, and evaluation of OPSEC programs. e. 5) Flow down of OPSEC requirements to subcontractors when applicable. While performing aboard Government or Government sites, the Contractor shall comply with facility OPSEC program instructions and contribute to organization-level OPSEC efforts.; include OPSEC as part of its ongoing security awareness program and take all required Agency training.; be responsive to the Supporting OPSEC Manager on a non- non-interference basis; and protect sensitive unclassified information and activities which could compromise classified information or operations or degrade the planning and execution of operations performed by the Requirements Owner and Contractor in support of the mission. OPSEC CDRLs requirements will be defined on a per TO basis.(CDRL A015)

Operations Security (OPSEC. The Contractor shall develop, implement, and maintain an OPSEC program to protect controlled unclassified and classified activities, information, equipment, and material used or developed by the Contractor and any subcontractor during performance of the Contractcontract. The Contractor shall be responsible for the subcontractor implementation of the OPSEC requirements. This program may include Information Assurance and Communications Security (COMSEC). The OPSEC program shall be IAW in accordance with National Security Decision Directive (NSDD) 298 298, and at a minimum shall include: a. (1) Assignment of responsibility for OPSEC direction and implementation. b. (2) Issuance of procedures and planning guidance for the use of OPSEC techniques to identify vulnerabilities and apply applicable countermeasures. c. (3) Establishment of OPSEC education and awareness training. d. (4) Provisions for management, annual review, and evaluation of OPSEC programs. e. (5) Flow down of OPSEC requirements to subcontractors when applicable. While performing aboard Government NAVAIR or Government NAVAIR sites, the Contractor contractor shall comply with facility OPSEC program instructions and contribute to organization-level OPSEC efforts; include . Include OPSEC as part of its ongoing security awareness program and take all required Agency training; be . Be responsive to the Supporting OPSEC Manager on a non- non-interference basis; and protect . Protect sensitive unclassified information and activities activities, which could compromise classified information or operations operations, or degrade the planning and execution of operations performed by the Requirements Owner RO and Contractor contractor in support of the mission. OPSEC CDRLs requirements will be defined on a per TO basis.