Viewable by the world

The OCIO is responsible for managing and implementing IT and cyber-related contract requirements. This section describes how we implement those requirements and provide assurance regarding our implementation. This is not the record copy of applicable requirements.

Active (in contract)

DOE Orders and Policies

Directive (from Contractor Requirements Document)Effective DateDescriptionImplementation Crosswalk
O 200.1A Information Technology Management4/3/2009Requires the use of sound business practices in the management of IT and compliance with applicable laws.200.1A Implementation
O 205.1B Department of Energy Cyber Security Program7/3/2014Requires a cyber security program that uses the Risk Management Approach and an assurance system that demonstrates that the program is working.205.1B Implementation
O 206.1 Department of Energy Privacy Program6/20/19Describes requirements related to Berkeley Lab's implementation of privacy controls such as reporting of security breaches impacting federal PII and206.1 Implementation
O 206.2 Identity, Credential, and Access Management (ICAM)6/3/2013Defines HSPD-12 requirements as well as additional requirements related to ICAM for DOE information systems.206.2 Implementation
O 241.1B Scientific and Technical Information Management12/2/2011Requires management and distribution of Scientific & Technical Information created through DOE-funded work.241.1B Implementation
O 243.1B Records Management Program7/3/2014Requires records management program per NARA regulations243.1B Implementation
O 415.1 Information Technology Project Management6/3/2013Requires best practices in IT project management.415.1 Implementation
O 471.3 Identifying and Protecting OUO Information12/2/2014Requirements for handling Official Use Only information471.3 Implementation
M 471.3-1 Manual for Identifying and Protecting OUO Information12/2/2014Manual requirements for handling Official Use Only information471.3-1 Implementation

Contract Clauses (Mod. No. 1138)

Contract ClauseDescriptionImplementation Crosswalk

Section H - Special Contract Requirements/Cl. H.7 Privacy Act Records

Identifies certain Systems of Records (SOR) subject to the Privacy Act to be maintained by Berkeley Lab.H.7 Implementation
I.67 Privacy Act Notification (Apr 1984) (Prev. I.31) (FAR 52.224-1)Identifies requirements related to Privacy Act compliance, workforce training, and subcontractor requirements.

Section I Implementation

I.68 Privacy Act (Apr 1984) (Prev. I.32) (FAR 52.224-2)
I.69 Privacy Training (Jan 2017) (PREV. I.163) (FAR 52.224-3)
I.108 Computer Security (AUG 2006) (PREV. I.124) (DEAR 952.204-77)

I.124 Access to and Ownership of Records (OCT 2014)
(DEVIATION PER POLICY FLASH 2015-23) (PREV. I.80) (DEAR 970.5204-3)

Describes the approach for ownership and access of records created in the context of executing the Prime Contract.

  • No labels