Supplier Info
LMS DFARS Clause 252.204-7012 Cyber Security Compliance Statement
LMS services the Defense Industry as a sub-tier contractor to the Department of Defense (DoD) requiring LMS compliance to DFARS Clause 252.204-7012 Cyber Security Compliance.
Controlled Unclassified Information (CUI) is safeguarded when residing on or transiting through LMS’ internal digital information network
Compliance to DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting requires LMS implementation of NIST Special Publication (SP) 800-171, through LMS System Security Plans, (SSP), including Plans of Action.
DFARS Clause 252.204-7012 requires contractors/subcontractors to:
- Provide adequate security to safeguard covered defense information that resides on or is transiting through a contractor’s internal information system or network.
- Report cyber incidents that affect a covered contractor information system or the covered defense information residing therein, or that affect the contractor’s ability to perform requirements designated as operationally critical support.
- Submit malicious software discovered and isolated in connection with a reported cyber incident to the DoD Cyber Crime Center.
- If requested, submit media and additional information to support damage assessment
- Flow down the clause in subcontracts for operationally critical support, or for which subcontract performance will involve covered defense information.