Security Requirements Tab
Use this tab to specify security details, CMMC requirements, and other clearance information related to the opportunity.
When the opportunity is won and you create a contract record from the opportunity, the data on this tab flows through the contract record. Details are carried over to the Security Requirements tab of the Manage Contracts screen.
Contents
| Field | Description |
|---|---|
| Classified | Select this checkbox if the opportunity involves classified information or if the work is expected to require access to classified materials. |
| US Citizenship Restrictions | Select this checkbox if the opportunity has restrictions requiring US citizenship. |
| DD254 Required | Select this checkbox if a DD254 form (Department of Defense Contract Security Classification Specification) is necessary for the opportunity. This form is typically required for contracts involving access to classified information. |
| FedRamp | Select this checkbox if the opportunity involves cloud services that must meet federal security standards as outlined by the Federal Risk and Authorization Management Program (FedRamp). |
| NIST 800-53 | Select this checkbox if the opportunity requires compliance with NIST Special Publication 800-53, which provides a catalog of security and privacy controls for federal information systems and organizations. |
| NIST 800-171 | Select this checkbox if the opportunity requires compliance with NIST Special Publication 800-171, which outlines security requirements for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. |
| ITAR | Select this checkbox if the opportunity must comply with the International Traffic in Arms Regulations (ITAR). This is important for opportunities involving export-controlled information. |
| Security Clearance | Enter, or click
 to select, the minimum level of security clearance required for the opportunity. Options include:
|
| Other Clearance | Enter, or click
to select, any additional clearance requirements beyond standard security clearances (for example, Sensitive Compartmented Information or Special Access Program requirements).
|
| CMMC Requirements |
Enter any information on Cybersecurity Maturity Model Certification (CMMC) requirements related to the opportunity. If the opportunity comes from GovWin IQ, this field displays CMMC information from GovWin IQ, but you can edit it. CMMC aims to measure the maturity or level of the organization's cybersecurity processes in complying with the protection of controlled unclassified information (CUI) within the Defense Industrial Base (DIB) networks. There are various levels of CMMC certifications. Controls and processes associated with each level are aimed to reduce the risk against a specific set of cyber threats. Attention: For more information on CMMC, visit
https://dodcio.defense.gov/CMMC/.
|