Subpart G—Other Special Categories Of Contracting

Editorial Notes

Amendments

2018—Pub. L. 115–232, div. A, title VIII, §801(a), Aug. 13, 2018, 132 Stat. 1830, added subpart heading.

Statutory Notes and Related Subsidiaries

Requiring Defense Microelectronics Products and Services Meet Trusted Supply Chain and Operational Security Standards

Pub. L. 116–92, div. A, title II, §224, Dec. 20, 2019, 133 Stat. 1266, provided that:

"(a) Purchases.—To protect the United States from intellectual property theft and to ensure national security and public safety in the application of new generations of wireless network technology and microelectronics, beginning no later than January 1, 2023, the Secretary of Defense shall ensure that each microelectronics product or service that the Department of Defense purchases on or after such date meets the applicable trusted supply chain and operational security standards established pursuant to subsection (b), except in a case in which the Department seeks to purchase a microelectronics product or service but—

"(1) no such product or service is available for purchase that meets such standards; or

"(2) no such product or service is available for purchase that—

"(A) meets such standards; and

"(B) is available at a price that the Secretary does not consider prohibitively expensive.

"(b) Trusted Supply Chain and Operational Security Standards.—

"(1) Standards required.—(A) Not later than January 1, 2021, the Secretary shall establish trusted supply chain and operational security standards for the purchase of microelectronics products and services by the Department.

"(B) For purposes of this section, a trusted supply chain and operational security standard—

"(i) is a standard that systematizes best practices relevant to—

"(I) manufacturing location;

"(II) company ownership;

"(III) workforce composition;

"(IV) access during manufacturing, suppliers' design, sourcing, manufacturing, packaging, and distribution processes;

"(V) reliability of the supply chain; and

"(VI) other matters germane to supply chain and operational security; and

"(ii) is not a military standard (also known as 'MIL-STD') or a military specification (also known as 'MIL-SPEC') for microelectronics that—

"(I) specifies individual features for Department of Defense microelectronics; or

"(II) otherwise inhibits the acquisition by the Department of securely manufactured, commercially-available products.

"(2) Consultation required.—In developing standards under paragraph (1), the Secretary shall consult with the following:

"(A) The Secretary of Homeland Security, the Secretary of State, the Secretary of Commerce, and the Director of the National Institute of Standards and Technology.

"(B) Suppliers of microelectronics products and services from the United States and allies and partners of the United States.

"(C) Representatives of major United States industry sectors that rely on a trusted supply chain and the operational security of microelectronics products and services.

"(D) Representatives of the United States insurance industry.

"(3) Tiers of trust and levels of security authorized.—In carrying out paragraph (1), the Secretary may establish tiers and levels of trust and security within the supply chain and operational security standards for microelectronics products and services.

"(4) General applicability.—The standards established pursuant to paragraph (1) shall be, to the greatest extent practicable, generally applicable to the trusted supply chain and operational security needs and use cases of the United States Government and commercial industry, such that the standards could be widely adopted by government agencies, commercial industry, and allies and partners of the United States as the basis for procuring microelectronics products and services.

"(5) Annual review.—Not later than October 1 of each year, the Secretary shall, in consultation with persons and entities set forth under paragraph (2), review the standards established pursuant to paragraph (1) and issue updates or modifications as the Secretary considers necessary or appropriate.

"(c) Ensuring Ability to Sell Commercially.—

"(1) In general.—The Secretary shall, to the greatest extent practicable, ensure that suppliers of microelectronics products and services for the Department of Defense subject to subsection (a) are able and incentivized to sell products commercially and to governments of allies and partners of the United States that are produced on the same production lines as the microelectronics products supplied to the Department of Defense.

"(2) Effect of requirements and acquisitions.—The Secretary shall, to the greatest extent practicable, ensure that the requirements of the Department and the acquisition by the Department of microelectronics enable the success of a dual-use microelectronics industry.

"(d) Maintaining Competition and Innovation.—The Secretary shall take such actions as the Secretary considers necessary and appropriate, within the Secretary's authorized activities to maintain the health of the defense industrial base, to ensure that—

"(1) providers of microelectronics products and services that meet the standards established under subsection (b) are exposed to competitive market pressures to achieve competitive pricing and sustained innovation; and

"(2) the industrial base of microelectronics products and services that meet the standards established under subsection (b) includes providers manufacturing in the United States or in countries that are allies or partners of the United States."

Standards and Certification for Private Security Contractors

Pub. L. 111–383, div. A, title VIII, §833, Jan. 7, 2011, 124 Stat. 4276, provided that:

"(a) Review of Third-Party Standards and Certification Processes.—Not later than 90 days after the date of the enactment of this Act [Jan. 7, 2011], the Secretary of Defense shall—

"(1) determine whether the private sector has developed—

"(A) operational and business practice standards applicable to private security contractors; and

"(B) third-party certification processes for determining whether private security contractors adhere to standards described in subparagraph (A); and

"(2) review any standards and processes identified pursuant to paragraph (1) to determine whether the application of such standards and processes will make a substantial contribution to the successful performance of private security functions in areas of combat operations or other significant military operations.

"(b) Revised Regulations.—Not later than 270 days after the date of the enactment of this Act, the Secretary of Defense shall revise the regulations promulgated under section 862 of the National Defense Authorization Act for Fiscal Year 2008 (Public Law 110–181; 10 U.S.C. 2302 note [now 10 U.S.C. 4501 note prec., set out below]) to ensure that such regulations—

"(1) establish criteria for defining standard practices for the performance of private security functions, which shall reflect input from industry representatives as well as the Inspector General of the Department of Defense; and

"(2) establish criteria for weapons training programs for contractors performing private security functions, including minimum requirements for weapons training programs of instruction and minimum qualifications for instructors for such programs.

"(c) Inclusion of Third-Party Standards and Certifications in Revised Regulations.—

"(1) Standards.—If the Secretary determines that the application of operational and business practice standards identified pursuant to subsection (a)(1)(A) will make a substantial contribution to the successful performance of private security functions in areas of combat operations or other significant military operations, the revised regulations promulgated pursuant to subsection (b) shall incorporate a requirement to comply with such standards, subject to such exceptions as the Secretary may determine to be necessary.

"(2) Certifications.—If the Secretary determines that the application of a third-party certification process identified pursuant to subsection (a)(1)(B) will make a substantial contribution to the successful performance of private security functions in areas of combat operations or other significant military operations, the revised regulations promulgated pursuant to subsection (b) may provide for the consideration of such certifications as a factor in the evaluation of proposals for award of a covered contract for the provision of private security functions, subject to such exceptions as the Secretary may determine to be necessary.

"(d) Definitions.—In this section:

"(1) Covered contract.—The term 'covered contract' means—

"(A) a contract of the Department of Defense for the performance of services;

"(B) a subcontract at any tier under such a contract; or

"(C) a task order or delivery order issued under such a contract or subcontract.

"(2) Contractor.—The term 'contractor' means, with respect to a covered contract, the contractor or subcontractor carrying out the covered contract.

"(3) Private security functions.—The term 'private security functions' means activities engaged in by a contractor under a covered contract as follows:

"(A) Guarding of personnel, facilities, or property of a Federal agency, the contractor or subcontractor, or a third party.

"(B) Any other activity for which personnel are required to carry weapons in the performance of their duties.

"(e) Exception.—The requirements of this section shall not apply to contracts entered into by elements of the intelligence community in support of intelligence activities."

Contracts in Iraq and Afghanistan and Private Security Contracts in Areas of Other Significant Military Operations

Pub. L. 111–383, div. A, title VIII, §831(b), Jan. 7, 2011, 124 Stat. 4274, provided that:

"(1) Deadline for regulations.—Not later than 60 days after the date of the enactment of this Act [Jan. 7, 2011], the Secretary of Defense shall revise the regulations prescribed pursuant to section 862 of the National Defense Authorization Act for Fiscal Year 2008 (Public Law 110–181; 10 U.S.C. 2302 note [now 10 U.S.C. 4501 note prec., set out below]) to incorporate the requirements of the amendments made by subsection (a).

"(2) Commencement of applicability of revisions.—The revision of regulations under paragraph (1) shall apply to the following:

"(A) Any contract that is awarded on or after the date that is 120 days after the date of the enactment of this Act.

"(B) Any task or delivery order that is issued on or after the date that is 120 days after the date of the enactment of this Act pursuant to a contract that is awarded before, on, or after the date that is 120 days after the date of the enactment of this Act.

"(3) Commencement of inclusion of contract clause.—A contract clause that reflects the revision of regulations required by the amendments made by subsection (a) shall be inserted, as required by such section 862, into the following:

"(A) Any contract described in paragraph (2)(A).

"(B) Any task or delivery order described in paragraph (2)(B)."

Pub. L. 111–383, div. A, title VIII, §832(b), Jan. 7, 2011, 124 Stat. 4275, provided that:

"(1) Determination required for certain areas.—Not later than 150 days after the date of the enactment of this Act [Jan. 7, 2011], the Secretary of Defense shall make a written determination for each of the following areas regarding whether or not the area constitutes an area of combat operations or an area of other significant military operations for purposes of designation as such an area under section 862 of the National Defense Authorization Act for Fiscal Year 2008 (Public Law 110–181; 10 U.S.C. 2302 note [now 10 U.S.C. 4501 note prec., set out below]), as amended by this section:

"(A) The Horn of Africa region.

"(B) Yemen.

"(C) The Philippines.

"(2) Submission to congress.—Not later than 180 days after the date of the enactment of this Act, the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a copy of each written determination under paragraph (1), together with an explanation of the basis for such determination."

Pub. L. 110–417, [div. A], title VIII, §854(b), Oct. 14, 2008, 122 Stat. 4545, provided that:

"(1) Through memorandum of understanding.—The memorandum of understanding required by section 861(a) of the National Defense Authorization Act for Fiscal Year 2008 (Public Law 110–181; 122 Stat. 253; 10 U.S.C. 2302 note [now 10 U.S.C. 4501 note prec., set out below]) shall be modified to address the requirements under the amendment made by subsection (a) [amending Pub. L. 110–181, §861(b), set out below] not later than 120 days after the date of the enactment of this Act [Oct. 14, 2008].

"(2) As condition of current and future contracts.—The requirements under the amendment made by subsection (a) shall be included in each contract in Iraq or Afghanistan (as defined in section 864(a)(2) of Public Law 110–181; [10 U.S.C.] 2302 note [now 10 U.S.C. 4501 note prec., set out below]) awarded on or after the date that is 180 days after the date of the enactment of this Act [Oct. 14, 2008]. Federal agencies shall make best efforts to provide for the inclusion of such requirements in covered contracts awarded before such date."

Pub. L. 110–417, [div. A], title VIII, §854(c), Oct. 14, 2008, 122 Stat. 4545, provided that: "Beginning not later than 270 days after the date of the enactment of this Act [Oct. 14, 2008], the Secretary of Defense shall make publicly available a numerical accounting of alleged offenses described in section 861(b)(6) of Public Law 110–181 [set out below] that have been reported under that section that occurred after the date of the enactment of this Act. The information shall be updated no less frequently than semi-annually."

Pub. L. 110–181, div. A, title VIII, subtitle F, Jan. 28, 2008, 122 Stat. 253, as amended by Pub. L. 110–417, [div. A], title VIII, §§853, 854(a), (d), Oct. 14, 2008, 122 Stat. 4544, 4545; Pub. L. 111–84, div. A, title VIII, §813(a)–(c), Oct. 28, 2009, 123 Stat. 2406, 2407; Pub. L. 111–383, div. A, title VIII, §§831(a), 832(a), (c), 835, title X, §1075(d)(9), Jan. 7, 2011, 124 Stat. 4273, 4275, 4276, 4279, 4373; Pub. L. 112–81, div. A, title VIII, §844(c), Dec. 31, 2011, 125 Stat. 1515; Pub. L. 112–239, div. A, title VIII, §847, Jan. 2, 2013, 126 Stat. 1850; Pub. L. 113–291, div. A, title X, §1071(b)(2)(D), Dec. 19, 2014, 128 Stat. 3506, provided that:

"SEC. 861. MEMORANDUM OF UNDERSTANDING ON MATTERS RELATING TO CONTRACTING.

"(a) Memorandum of Understanding Required.—The Secretary of Defense, the Secretary of State, and the Administrator of the United States Agency for International Development shall, not later than July 1, 2008, enter into a memorandum of understanding regarding matters relating to contracting for contracts in Iraq or Afghanistan.

"(b) Matters Covered.—The memorandum of understanding required by subsection (a) shall address, at a minimum, the following:

"(1) Identification of the major categories of contracts in Iraq or Afghanistan being awarded by the Department of Defense, the Department of State, or the United States Agency for International Development.

"(2) Identification of the roles and responsibilities of each department or agency for matters relating to contracting for contracts in Iraq or Afghanistan.

"(3) Responsibility for establishing procedures for, and the coordination of, movement of contractor personnel in Iraq or Afghanistan.

"(4) Identification of common databases that will serve as repositories of information on contracts in Iraq or Afghanistan and contractor personnel in Iraq or Afghanistan, including agreement on the elements to be included in the databases, including, at a minimum—

"(A) with respect to each contract—

"(i) a brief description of the contract (to the extent consistent with security considerations);

"(ii) the total value of the contract; and

"(iii) whether the contract was awarded competitively; and

"(B) with respect to contractor personnel—

"(i) the total number of personnel employed on contracts in Iraq or Afghanistan;

"(ii) the total number of personnel performing security functions under contracts in Iraq or Afghanistan; and

"(iii) the total number of personnel working under contracts in Iraq or Afghanistan who have been killed or wounded.

"(5) Responsibility for maintaining and updating information in the common databases identified under paragraph (4).

"(6) Responsibility for the collection and referral to the appropriate Government agency of any information relating to offenses under chapter 47 of title 10, United States Code (the Uniform Code of Military Justice) or chapter 212 of title 18, United States Code (commonly referred to as the Military Extraterritorial Jurisdiction Act), including a clarification of responsibilities under section 802(a)(10) of title 10, United States Code (article 2(a) of the Uniform Code of Military Justice), as amended by section 552 of the John Warner National Defense Authorization Act for Fiscal Year 2007 (Public Law 109–364).

"(7) Mechanisms for ensuring that contractors are required to report offenses described in paragraph (6) that are alleged to have been committed by or against contractor personnel to appropriate investigative authorities.

"(8) Responsibility for providing victim and witness protection and assistance to contractor personnel in connection with alleged offenses described in paragraph (6).

"(9) Development of a requirement that a contractor shall provide to all contractor personnel who will perform work on a contract in Iraq or Afghanistan, before beginning such work, information on the following:

"(A) How and where to report an alleged offense described in paragraph (6).

"(B) Where to seek the assistance required by paragraph (8).

"(c) Implementation of Memorandum of Understanding.—Not later than 120 days after the memorandum of understanding required by subsection (a) is signed, the Secretary of Defense, the Secretary of State, and the Administrator of the United States Agency for International Development shall issue such policies or guidance and prescribe such regulations as are necessary to implement the memorandum of understanding for the relevant matters pertaining to their respective agencies.

"(d) Copies Provided to Congress.—

"(1) Memorandum of understanding.—Copies of the memorandum of understanding required by subsection (a) shall be provided to the relevant committees of Congress within 30 days after the memorandum is signed.

"(2) Report on implementation.—Not later than 180 days after the memorandum of understanding required by subsection (a) is signed, the Secretary of Defense, the Secretary of State, and the Administrator of the United States Agency for International Development shall each provide a report to the relevant committees of Congress on the implementation of the memorandum of understanding.

"(3) Databases.—The Secretary of Defense, the Secretary of State, or the Administrator of the United States Agency for International Development shall provide access to the common databases identified under subsection (b)(4) to the relevant committees of Congress.

"(4) Contracts.—Effective on the date of the enactment of this Act [Jan. 28, 2008], copies of any contracts in Iraq or Afghanistan awarded after December 1, 2007, shall be provided to any of the relevant committees of Congress within 15 days after the submission of a request for such contract or contracts from such committee to the department or agency managing the contract.

"SEC. 862. CONTRACTORS PERFORMING PRIVATE SECURITY FUNCTIONS IN AREAS OF COMBAT OPERATIONS OR OTHER SIGNIFICANT MILITARY OPERATIONS.

"(a) Regulations on Contractors Performing Private Security Functions.—

"(1) In general.—Not later than 120 days after the date of the enactment of this Act [Jan. 28, 2008], the Secretary of Defense, in coordination with the Secretary of State, shall prescribe regulations on the selection, training, equipping, and conduct of personnel performing private security functions under a covered contract in an area of combat operations or other significant military operations.

"(2) Elements.—The regulations prescribed under subsection (a) shall, at a minimum, establish—

"(A) a process for registering, processing, accounting for, and keeping appropriate records of personnel performing private security functions in an area of combat operations or other significant military operations;

"(B) a process for authorizing and accounting for weapons to be carried by, or available to be used by, personnel performing private security functions in an area of combat operations or other significant military operations;

"(C) a process for the registration and identification of armored vehicles, helicopters, and other military vehicles operated by contractors performing private security functions in an area of combat operations or other significant military operations;

"(D) a process under which contractors are required to report all incidents, and persons other than contractors are permitted to report incidents, in which—

"(i) a weapon is discharged by personnel performing private security functions in an area of combat operations or other significant military operations;

"(ii) personnel performing private security functions in an area of combat operations or other significant military operations are killed or injured;

"(iii) persons are killed or injured, or property is destroyed, as a result of conduct by contractor personnel;

"(iv) a weapon is discharged against personnel performing private security functions in an area of combat operations or other significant military operations or personnel performing such functions believe a weapon was so discharged; or

"(v) active, non-lethal countermeasures (other than the discharge of a weapon) are employed by the personnel performing private security functions in an area of combat operations or other significant military operations in response to a perceived immediate threat to such personnel;

"(E) a process for the independent review and, if practicable, investigation of—

"(i) incidents reported pursuant to subparagraph (D); and

"(ii) incidents of alleged misconduct by personnel performing private security functions in an area of combat operations or other significant military operations;

"(F) requirements for qualification, training, screening (including, if practicable, through background checks), and security for personnel performing private security functions in an area of combat operations or other significant military operations;

"(G) guidance to the commanders of the combatant commands on the issuance of—

"(i) orders, directives, and instructions to contractors performing private security functions relating to equipment, force protection, security, health, safety, or relations and interaction with locals;

"(ii) predeployment training requirements for personnel performing private security functions in an area of combat operations or other significant military operations, addressing the requirements of this section, resources and assistance available to contractor personnel, country information and cultural training, and guidance on working with host country nationals and military; and

"(iii) rules on the use of force for personnel performing private security functions in an area of combat operations or other significant military operations;

"(H) a process by which a commander of a combatant command may request an action described in subsection (b)(3); and

"(I) a process by which the training requirements referred to in subparagraph (G)(ii) shall be implemented.

"(3) Availability of orders, directives, and instructions.—The regulations prescribed under subsection (a) shall include mechanisms to ensure the provision and availability of the orders, directives, and instructions referred to in paragraph (2)(G)(i) to contractors referred to in that paragraph, including through the maintenance of a single location (including an Internet website, to the extent consistent with security considerations) at or through which such contractors may access such orders, directives, and instructions.

"(b) Contract Clause on Contractors Performing Private Security Functions.—

"(1) Requirement under far.—Not later than 180 days after the date of the enactment of this Act [Jan. 28, 2008], the Federal Acquisition Regulation issued in accordance with section 1303 of title 41, United States Code[,] shall be revised to require the insertion into each covered contract (or, in the case of a task order, the contract under which the task order is issued) of a contract clause addressing the selection, training, equipping, and conduct of personnel performing private security functions under such contract.

"(2) Clause requirement.—The contract clause required by paragraph (1) shall require, at a minimum, that the contractor concerned shall—

"(A) ensure that the contractor and all employees of the contractor or any subcontractor who are responsible for performing private security functions under such contract comply with regulations prescribed under subsection (a), including any revisions or updates to such regulations, and follow the procedures established in such regulations for—

"(i) registering, processing, accounting for, and keeping appropriate records of personnel performing private security functions in an area of combat operations or other significant military operations;

"(ii) authorizing and accounting of weapons to be carried by, or available to be used by, personnel performing private security functions in an area of combat operations or other significant military operations;

"(iii) registration and identification of armored vehicles, helicopters, and other military vehicles operated by contractors and subcontractors performing private security functions in an area of combat operations or other significant military operations; and

"(iv) the reporting of incidents in which—

     "(I) a weapon is discharged by personnel performing private security functions in an area of combat operations or other significant military operations;

     "(II) personnel performing private security functions in an area of combat operations or other significant military operations are killed or injured; or

     "(III) persons are killed or injured, or property is destroyed, as a result of conduct by contractor personnel;

"(B) ensure that the contractor and all employees of the contractor or any subcontractor who are responsible for performing private security functions under such contract comply with—

"(i) qualification, training, screening (including, if practicable, through background checks), and security requirements established by the Secretary of Defense for personnel performing private security functions in an area of combat operations or other significant military operations;

"(ii) applicable laws and regulations of the United States and the host country, and applicable treaties and international agreements, regarding the performance of the functions of the contractor;

"(iii) orders, directives, and instructions issued by the applicable commander of a combatant command relating to equipment, force protection, security, health, safety, or relations and interaction with locals; and

"(iv) rules on the use of force issued by the applicable commander of a combatant command for personnel performing private security functions in an area of combat operations or other significant military operations;

"(C) cooperate with any investigation conducted by the Department of Defense pursuant to subsection (a)(2)(E) by providing access to employees of the contractor and relevant information in the possession of the contractor regarding the incident concerned; and

"(D) ensure that the contract clause is included in subcontracts awarded to any subcontractor at any tier who is responsible for performing private security functions under the contract.

"(3) Noncompliance of personnel with clause.—The contracting officer for a covered contract may direct the contractor, at its own expense, to remove or replace any personnel performing private security functions in an area of combat operations or other significant military operations who violate or fail to comply with applicable requirements of the clause required by this subsection. If the violation or failure to comply is a gross violation or failure or is repeated, the contract may be terminated for default.

"(4) Applicability.—The contract clause required by this subsection shall be included in all covered contracts awarded on or after the date that is 180 days after the date of the enactment of this Act [Jan. 28, 2008]. Federal agencies shall make best efforts to provide for the inclusion of the contract clause required by this subsection in covered contracts awarded before such date.

"(5) Inspector general report on pilot program on imposition of fines for noncompliance of personnel with clause.—Not later than March 30, 2008, the Inspector General of the Department of Defense shall submit to Congress a report assessing the feasibility and advisability of carrying out a pilot program for the imposition of fines on contractors for personnel who violate or fail to comply with applicable requirements of the clause required by this section as a mechanism for enhancing the compliance of such personnel with the clause. The report shall include—

"(A) an assessment of the feasibility and advisability of carrying out the pilot program; and

"(B) if the Inspector General determines that carrying out the pilot program is feasible and advisable—

"(i) recommendations on the range of contracts and subcontracts to which the pilot program should apply; and

"(ii) a schedule of fines to be imposed under the pilot program for various types of personnel actions or failures.

"(c) Oversight.—It shall be the responsibility of the head of the contracting activity responsible for each covered contract to ensure that the contracting activity takes appropriate steps to assign sufficient oversight personnel to the contract to—

"(1) ensure that the contractor responsible for performing private security functions under such contract comply with the regulatory requirements prescribed pursuant to subsection (a) and the contract requirements established pursuant to subsection (b); and

"(2) make the determinations required by subsection (d).

"(d) Remedies.—The failure of a contractor under a covered contract to comply with the requirements of the regulations prescribed under subsection (a) or the contract clause inserted in a covered contract pursuant to subsection (b), as determined by the contracting officer for the covered contract—

"(1) shall be included in appropriate databases of past performance and considered in any responsibility determination or evaluation of the past performance of the contractor for the purpose of a contract award decision, as provided in section 1126 of title 41, United States Code;

"(2) in the case of an award fee contract—

"(A) shall be considered in any evaluation of contract performance by the contractor for the relevant award fee period; and

"(B) may be a basis for reducing or denying award fees for such period, or for recovering all or part of award fees previously paid for such period; and

"(3) in the case of a failure to comply that is severe, prolonged, or repeated—

"(A) shall be referred to the suspension or debarment official for the appropriate agency; and

"(B) may be a basis for suspension or debarment of the contractor.

"(e) Rule of Construction.—The duty of a contractor under a covered contract to comply with the requirements of the regulations prescribed under subsection (a) and the contract clause inserted into a covered contract pursuant to subsection (b), and the availability of the remedies provided in subsection (d), shall not be reduced or diminished by the failure of a higher or lower tier contractor under such contract to comply with such requirements, or by a failure of the contracting activity to provide the oversight required by subsection (c).

"(f) Areas of Combat Operations or Other Significant Military Operations.—

"(1) Designation.—The Secretary of Defense shall designate the areas constituting either an area of combat operations or other significant military operations for purposes of this section by not later than 120 days after the date of the enactment of this Act [Jan. 28, 2008]. In making designations under this paragraph, the Secretary shall ensure that an area is not designated in whole or part as both an area of combat operations and an area of other significant military operations.

"(2) Other significant military operations.—For purposes of this section, the term 'other significant military operations' means activities, other than combat operations, as part of an overseas contingency operation that are carried out by United States Armed Forces in an uncontrolled or unpredictable high-threat environment where personnel performing security functions may be called upon to use deadly force.

"(3) Particular areas.—Iraq and Afghanistan shall be included in the areas designated as an area of combat operations or other significant military operations under paragraph (1).

"(4) Additional areas.—The Secretary may designate any additional area as an area constituting an area of combat operations or other significant military operations for purposes of this section if the Secretary determines that the presence or potential of combat operations or other significant military operations in such area warrants designation of such area as an area of combat operations or other significant military operations for purposes of this section.

"(5) Modification or elimination of designation.—The Secretary may modify or cease the designation of an area under this subsection as an area of combat operations or other significant military operations if the Secretary determines that combat operations or other significant military operations are no longer ongoing in such area.

"(g) Limitation.—With respect to an area of other significant military operations, the requirements of this section shall apply only upon agreement of the Secretary of Defense and the Secretary of State. An agreement of the Secretaries under this subsection may be made only on an area-by-area basis. With respect to an area of combat operations, the requirements of this section shall always apply.

"(h) Exceptions.—

"(1) Intelligence activities.—The requirements of this section shall not apply to contracts entered into by elements of the intelligence community in support of intelligence activities.

"(2) Nongovernmental organizations.—The requirements of this section shall not apply to a nonprofit nongovernmental organization receiving grants or cooperative agreements for activities conducted within an area of other significant military operations if the Secretary of Defense and the Secretary of State agree that such organization may be exempted. An exemption may be granted by the agreement of the Secretaries under this paragraph on an organization-by-organization or area-by-area basis. Such an exemption may not be granted with respect to an area of combat operations.

"SEC. 863. ANNUAL JOINT REPORT ON CONTRACTING IN IRAQ AND AFGHANISTAN.

"(a) In General.—Except as provided in subsection (f), every 12 months, the Secretary of Defense, the Secretary of State, and the Administrator of the United States Agency for International Development shall submit to the relevant committees of Congress a joint report on contracts in Iraq or Afghanistan.

"(b) Primary Matters Covered.—A report under this section shall, at a minimum, cover the following with respect to contracts in Iraq and Afghanistan during the reporting period:

"(1) Total number of contracts awarded.

"(2) Total number of active contracts.

"(3) Total value of all contracts awarded.

"(4) Total value of active contracts.

"(5) The extent to which such contracts have used competitive procedures.

"(6) Percentage of contracts awarded on a competitive basis as compared to established goals for competition in contingency contracting actions.

"(7) Total number of contractor personnel working on contracts at the end of each quarter of the reporting period.

"(8) Total number of contractor personnel who are performing security functions at the end of each quarter of the reporting period.

"(9) Total number of contractor personnel killed or wounded.

"(c) Additional Matters Covered.—A report under this section shall also cover the following:

"(1) The sources of information and data used to compile the information required under subsection (b).

"(2) A description of any known limitations of the data reported under subsection (b), including known limitations of the methodology and data sources used to compile the report.

"(3) Any plans for strengthening collection, coordination, and sharing of information on contracts in Iraq and Afghanistan through improvements to the common databases identified under section 861(b)(4).

"(d) Reporting Period.—A report under this section shall cover a period of not less than 12 months.

"(e) Submission of Reports.—The Secretaries and the Administrator shall submit an initial report under this section not later than February 1, 2011, and shall submit an updated report by February 1 of every year thereafter until February 1, 2015.

"(f) Exception.—If the total annual amount of obligations for contracts in Iraq and Afghanistan combined is less than $250,000,000 for the reporting period, for all three agencies combined, the Secretaries and the Administrator may submit, in lieu of a report, a letter stating the applicability of this subsection, with such documentation as the Secretaries and the Administrator consider appropriate.

"(g) Estimates.—In determining the total number of contractor personnel working on contracts under subsection (b)(6), the Secretaries and the Administrator may use estimates for any category of contractor personnel for which they determine it is not feasible to provide an actual count. The report shall fully disclose the extent to which estimates are used in lieu of an actual count.

"SEC. 864. DEFINITIONS AND OTHER GENERAL PROVISIONS.

"(a) Definitions.—In this subtitle:

"(1) Matters relating to contracting.—The term 'matters relating to contracting', with respect to contracts in Iraq and Afghanistan, means all matters relating to awarding, funding, managing, tracking, monitoring, and providing oversight to contracts and contractor personnel.

"(2) Contract in iraq or afghanistan.—The term 'contract in Iraq or Afghanistan' means a contract with the Department of Defense, the Department of State, or the United States Agency for International Development, a subcontract at any tier issued under such a contract, a task order or delivery order at any tier issued under such a contract, a grant, or a cooperative agreement (including a contract, subcontract, task order, delivery order, grant, or cooperative agreement issued by another Government agency for the Department of Defense, the Department of State, or the United States Agency for International Development), if the contract, subcontract, task order, delivery order, grant, or cooperative agreement involves worked [sic] performed in Iraq or Afghanistan for a period longer than 30 days.

"(3) Covered contract.—The term 'covered contract' means—

"(A) a contract of a Federal agency for the performance of services in an area of combat operations, as designated by the Secretary of Defense under subsection (c) of section 862;

"(B) a subcontract at any tier under such a contract;

"(C) a task order or delivery order issued under such a contract or subcontract;

"(D) a grant for the performance of services in an area of combat operations, as designated by the Secretary of Defense under subsection (c) of section 862; or

"(E) a cooperative agreement for the performance of services in such an area of combat operations.

"(4) Contractor.—The term 'contractor', with respect to a covered contract, means—

"(A) in the case of a covered contract that is a contract, subcontract, task order, or delivery order, the contractor or subcontractor carrying out the covered contract;

"(B) in the case of a covered contract that is a grant, the grantee; and

"(C) in the case of a covered contract that is a cooperative agreement, the recipient.

"(5) Contractor personnel.—The term 'contractor personnel' means any person performing work under contract for the Department of Defense, the Department of State, or the United States Agency for International Development, in Iraq or Afghanistan, including individuals and subcontractors at any tier.

"(6) Private security functions.—The term 'private security functions' means activities engaged in by a contractor under a covered contract as follows:

"(A) Guarding of personnel, facilities, or property of a Federal agency, the contractor or subcontractor, or a third party.

"(B) Any other activity for which personnel are required to carry weapons in the performance of their duties.

"(7) Relevant committees of congress.—The term 'relevant committees of Congress' means each of the following committees:

"(A) The Committees on Armed Services of the Senate and the House of Representatives.

"(B) The Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Oversight and Government Reform [now Committee on Oversight and Accountability] of the House of Representatives.

"(C) The Committee on Foreign Relations of the Senate and the Committee on Foreign Affairs of the House of Representatives.

"(D) For purposes of contracts relating to the National Foreign Intelligence Program, the Select Committee on Intelligence of the Senate and the Permanent Select Committee on Intelligence of the House of Representatives.

"(b) Classified Information.—Nothing in this subtitle shall be interpreted to require the handling of classified information or information relating to intelligence sources and methods in a manner inconsistent with any law, regulation, executive order, or rule of the House of Representatives or of the Senate relating to the handling or protection of such information."

CHAPTER 341—ACQUISITION OF SERVICES GENERALLY

        

Editorial Notes

Prior Provisions

A prior chapter 341 "CONTRACTING FOR PERFORMANCE OF CIVILIAN COMMERCIAL OR INDUSTRIAL TYPE FUNCTIONS", consisting of reserved section 4501, was repealed by Pub. L. 116–283, div. A, title XVIII, §1856(b), Jan. 1, 2021, 134 Stat. 4273.

Another prior chapter 341 was renumbered chapter 721 of this title.

Statutory Notes and Related Subsidiaries

Preventing Conflicts of Interest for Entities That Provide Certain Consulting Services to the Department of Defense

Pub. L. 118–31, div. A, title VIII, §812, Dec. 22, 2023, 137 Stat. 323, provided that:

"(a) In General.—

"(1) Certification.—Not later than 180 days after the date of the enactment of this Act [Dec. 22, 2023], the Secretary of Defense shall amend the Department of Defense Supplement to the Federal Acquisition Regulation to require any entity that provides consulting services and is assigned a North American Industry Classification System code beginning with 5416, after the effective date of such amendment and before entering into a covered contract, to certify that—

"(A) neither the entity nor any subsidiaries or affiliates of the entity (as that term is defined in section 2.101 of the Federal Acquisition Regulation) hold a contract for consulting services with one or more covered foreign entities; or

"(B) the entity maintains a Conflict of Interest Mitigation plan described under subsection (b) that is auditable by a contract oversight entity.

"(2) Prohibition.—The Secretary of Defense may not enter into a covered contract with an entity described in paragraph (1) that is unable to make the certification required under such paragraph.

"(b) Conflict of Interest Mitigation Plan.—A Conflict of Interest Mitigation plan described under this subsection shall include—

"(1) an identification, where such identification is not otherwise prohibited by law or regulation, of any covered contracts of an entity described in subsection (a) with a covered foreign entity;

"(2) a written analysis, including a course of action for avoiding, neutralizing, or mitigating the actual or potential conflict of interest of such a covered contract with the Department of Defense;

"(3) a description of the procedures adopted by an entity to ensure that individuals who will be performing a covered contract will not, for the duration of such contract, also provide any consulting services to any covered foreign entity; and

"(4) a description of the procedures by which an entity will submit to the contract oversight entities a notice of an unmitigated conflict of interest with respect to a covered contract within 15 days of determining that such a conflict has arisen.

"(c) Alternative Identification of Covered Foreign Entities.—If an entity is unable to identify covered foreign entities under subsection (b)(1) due to confidentiality obligations, the entity shall identify any such covered foreign entity as an entity described in subparagraphs (A) through (F) of subsection (f)(4) in the Conflict of Interest Mitigation plan.

"(d) Notification.—Before determining to withhold an award of a covered contract based on a conflict of interest under this section that cannot be avoided or mitigated, the contracting officer for the contract shall notify the offeror of the reasons for such withholding and allow the offeror a reasonable opportunity to respond. If the contracting officer for the contract finds that it is in the best interests of the United States to award the contract notwithstanding such a conflict of interest, a request for waiver shall be submitted in accordance with section 9.503 of title 48, Code of Federal Regulations. The waiver request and decision shall be included in the contract file.

"(e) Waiver.—

"(1) Authority.—The Secretary of Defense may issue a waiver with respect to the requirements of this section for the award of a covered contract on a case-by-case basis as may be necessary in the interest of national security. The Secretary of Defense may not delegate the authority under this subsection to an official who has not been Presidentially appointed and confirmed by the Senate.

"(2) Waiver notification.—Not later than 30 days after issuing a waiver under this subsection, the Secretary of Defense shall provide a written notification to the Committee on Armed Services of the Senate and the Committee on Armed Services of the House of Representatives regarding the use of such waiver authority. The notification shall include—

"(A) the specific justification for providing the waiver;

"(B) an identification of the covered foreign entity that is the subject of the waiver request;

"(C) the number of bidders for the covered contract for which the waiver was granted;

"(D) the number of bidders for the covered contract that did not request a waiver; and

"(E) the total dollar value of the covered contract.

"(f) Definitions.—In this section:

"(1) The term 'consulting services' has the meaning given the term 'advisory and assistance services' in section 2.101 of the Federal Acquisition Regulation, except that the term does not include the provision of products or services related to—

"(A) compliance with legal, audit, accounting, tax, reporting, or other requirements of the laws and standards of countries; or

"(B) participation in a judicial, legal, or equitable dispute resolution proceeding.

"(2) The term 'contract oversight entity' means any of the following:

"(A) The contracting officer.

"(B) The contracting officer representative.

"(C) The Defense Contract Management Agency.

"(D) The Defense Contract Audit Agency.

"(E) The Office of Inspector General of the Department of Defense or any subcomponent of such office.

"(F) The Government Accountability Office.

"(3) The term 'covered contract' means a contract of the Department of Defense for consulting services.

"(4) The term 'covered foreign entity' means any of the following:

"(A) The Government of the People's Republic of China, the Chinese Communist Party, the People's Liberation Army, the Ministry of State Security, or other security service or intelligence agency of the People's Republic of China.

"(B) The Government of the Russian Federation or any entity sanctioned by the Secretary of the Treasury under Executive Order 13662 titled 'Blocking Property of Additional Persons Contributing to the Situation in Ukraine' (79 Fed. Reg. 16169) [listed in a table under section 1701 of Title 50, War and National Defense].

"(C) The government of any country if the Secretary of State determines that such government has repeatedly provided support for acts of international terrorism pursuant to any of the following:

"(i) Section 1754(c)(1)(A) of the Export Control Reform Act of 2018 (50 U.S.C. 4318(c)(1)(A)) [sic; probably should be "(50 U.S.C. 4813(c)(1)(A))"].

"(ii) Section 620A of the Foreign Assistance Act of 1961 (22 U.S.C. 2371).

"(iii) Section 40 of the Arms Export Control Act (22 U.S.C. 2780).

"(iv) Any other provision of law.

"(D) Any entity included on any of the following lists maintained by the Department of Commerce:

"(i) The Entity List set forth in Supplement No. 4 to part 744 of the Export Administration Regulations.

"(ii) The Denied Persons List as described in section 764.3(a)(2) of the Export Administration Regulations.

"(iii) The Unverified List set forth in Supplement No. 6 to part 744 of the Export Administration Regulations.

"(iv) The Military End User List set forth in Supplement No. 7 to part 744 of the Export Administration Regulations.

"(E) Any entity identified by the Secretary of Defense pursuant to section 1237(b) of the Strom Thurmond National Defense Authorization Act for Fiscal Year 1999 (Public Law 105–261; 50 U.S.C. 1701 note).

"(F) Any entity on the Non-SDN Chinese Military-Industrial Complex Companies List (NS–CMIC List) maintained by the Office of Foreign Assets Control of the Department of the Treasury under Executive Order 14032 (86 Fed. Reg. 30145; relating to addressing the threat from securities investments that finance certain companies of the People's Republic of China), or any successor order."

Contracts for Studies, Analysis, or Consulting Services Entered Into Without Competition on the Basis of an Unsolicited Proposal

Pub. L. 114–113, div. C, title VIII, §8039, Dec. 18, 2015, 129 Stat. 2359, provided that:

"None of the funds appropriated by this Act [div. C of Pub. L. 114–113, see Tables for classification] and hereafter shall be available for a contract for studies, analysis, or consulting services entered into without competition on the basis of an unsolicited proposal unless the head of the activity responsible for the procurement determines—

"(1) as a result of thorough technical evaluation, only one source is found fully qualified to perform the proposed work;

"(2) the purpose of the contract is to explore an unsolicited proposal which offers significant scientific or technological promise, represents the product of original thinking, and was submitted in confidence by one source; or

"(3) the purpose of the contract is to take advantage of unique and significant industrial accomplishment by a specific concern, or to insure that a new product or idea of a specific concern is given financial support: Provided, That this limitation shall not apply to contracts in an amount of less than $25,000, contracts related to improvements of equipment that is in development or production, or contracts as to which a civilian official of the Department of Defense, who has been confirmed by the Senate, determines that the award of such contract is in the interest of the national defense."

Competition for Religious Services Contracts

Pub. L. 114–92, div. A, title VIII, §898, Nov. 25, 2015, 129 Stat. 955, provided that: "The Department of Defense may not preclude a non-profit organization from competing for a contract for religious related services on a United States military installation."

Requirements for Risk Assessments Related to Contractor Performance

Pub. L. 112–239, div. A, title VIII, §846, Jan. 2, 2013, 126 Stat. 1848, provided that:

"(a) Risk Assessments for Contractor Performance in Operational or Contingency Plans.—The Secretary of Defense shall require that a risk assessment on reliance on contractors be included in operational or contingency plans developed by a commander of a combatant command in executing the responsibilities prescribed in section 164 of title 10, United States Code. Such risk assessments shall address, at a minimum, the potential risks listed in subsection (c).

"(b) Comprehensive Risk Assessments and Mitigation Plans for Contractor Performance in Support of Overseas Contingency Operations.—

"(1) In general.—Subject to paragraphs (2) and (3), not later than six months after the commencement or designation of a contingency operation outside the United States that includes or is expected to include combat operations, the head of each covered agency shall perform a comprehensive risk assessment and develop a risk mitigation plan for operational and political risks associated with contractor performance of critical functions in support of the operation for such covered agency.

"(2) Exceptions.—Except as provided in paragraph (3), a risk assessment and risk mitigation plan shall not be required under paragraph (1) for an overseas contingency operation if—

"(A) the operation is not expected to continue for more than one year; and

"(B) the total amount of obligations for contracts for support of the operation for the covered agency is not expected to exceed $250,000,000.

"(3) Termination of exceptions.—Notwithstanding paragraph (2), the head of a covered agency shall perform a risk assessment and develop a risk mitigation plan under paragraph (1) for an overseas contingency operation with regard to which a risk assessment and risk mitigation plan has not previously been performed under paragraph (1) not later than 60 days after the date on which—

"(A) the operation has continued for more than one year; or

"(B) the total amount of obligations for contracts for support of the operation for the covered agency exceeds $250,000,000.

"(c) Comprehensive Risk Assessments.—A comprehensive risk assessment under subsection (b) shall consider, at a minimum, risks relating to the following:

"(1) The goals and objectives of the operation (such as risks from contractor behavior or performance that may injure innocent members of the local population or offend their sensibilities).

"(2) The continuity of the operation (such as risks from contractors refusing to perform or being unable to perform when there may be no timely replacements available).

"(3) The safety of military and civilian personnel of the United States if the presence or performance of contractor personnel creates unsafe conditions or invites attack.

"(4) The safety of contractor personnel employed by the covered agency.

"(5) The managerial control of the Government over the operation (such as risks from over-reliance on contractors to monitor other contractors or inadequate means for Government personnel to monitor contractor performance).

"(6) The critical organic or core capabilities of the Government, including critical knowledge or institutional memory of key operations areas and subject-matter expertise.

"(7) The ability of the Government to control costs, avoid organizational or personal conflicts of interest, and minimize waste, fraud, and abuse.

"(d) Risk Mitigation Plans.—A risk mitigation plan under subsection (b) shall include, at a minimum, the following:

"(1) For each high-risk area identified in the comprehensive risk assessment for the operation performed under subsection (b)—

"(A) specific actions to mitigate or reduce such risk, including the development of alternative capabilities to reduce reliance on contractor performance of critical functions;

"(B) measurable milestones for the implementation of planned risk mitigation or risk reduction measures; and

"(C) a process for monitoring, measuring, and documenting progress in mitigating or reducing risk.

"(2) A continuing process for identifying and addressing new and changed risks arising in the course of the operation, including the periodic reassessment of risks and the development of appropriate risk mitigation or reduction plans for any new or changed high-risk area identified.

"(e) Critical Functions.—For purposes of this section, critical functions include, at a minimum, the following:

"(1) Private security functions, as that term is defined in section 864(a)(6) of the National Defense Authorization Act for Fiscal Year 2008 [Pub. L. 110–181] (10 U.S.C. 2302 note) [now 10 U.S.C. 4571 note prec.].

"(2) Training and advising Government personnel, including military and security personnel, of a host nation.

"(3) Conducting intelligence or information operations.

"(4) Any other functions that are closely associated with inherently governmental functions, including the functions set forth in section 7.503(d) of the Federal Acquisition Regulation.

"(5) Any other functions that are deemed critical to the success of the operation.

"(f) Covered Agency.—In this section, the term 'covered agency' means the Department of Defense, the Department of State, and the United States Agency for International Development."

Requirements for the Acquisition of Services

Pub. L. 111–383, div. A, title VIII, §863(a)–(h), Jan. 7, 2011, 124 Stat. 4293, 4294, as amended by Pub. L. 112–81, div. A, title IX, §933(c), Dec. 31, 2011, 125 Stat. 1544; Pub. L. 112–239, div. A, title X, §1076(a)(18), Jan. 2, 2013, 126 Stat. 1949, provided that:

"(a) Establishment of Requirements Processes for the Acquisition of Services.—The Secretary of Defense shall ensure that the military departments and Defense Agencies each establish a process for identifying, assessing, reviewing, and validating requirements for the acquisition of services.

"(b) Operational Requirements.—With regard to requirements for the acquisition of services in support of combatant commands and military operations, the Secretary shall ensure—

"(1) that the Chief of Staff of the Army, the Chief of Naval Operations, the Chief of Staff of the Air Force, and the Commandant of the Marine Corps implement and bear chief responsibility for carrying out, within the Armed Force concerned, the process established pursuant to subsection (a) for such Armed Force; and

"(2) that commanders of unified combatant commands and other officers identified or designated as joint qualified officers have an opportunity to participate in the process of each military department to provide input on joint requirements for the acquisition of services.

"(c) Supporting Requirements.—With regard to requirements for the acquisition of services not covered by subsection (b), the Secretary shall ensure that the secretaries of the military departments and the heads of the Defense Agencies implement and bear chief responsibility for carrying out, within the military department or Defense Agency concerned, the process established pursuant to subsection (a) for such military department or Defense Agency.

"(d) Implementation Plans Required.—The Secretary shall ensure that an implementation plan is developed for each process established pursuant to subsection (a) that addresses, at a minimum, the following:

"(1) The organization of such process.

"(2) The level of command responsibility required for identifying, assessing, reviewing, and validating requirements for the acquisition of services in accordance with the requirements of this section and the categories established under section 2330(a)(1)(C) of title 10, United States Code [now 10 U.S.C. 4501(d)].

"(3) The composition of positions necessary to operate such process.

"(4) The training required for personnel engaged in such process.

"(5) The relationship between doctrine and such process.

"(6) Methods of obtaining input on joint requirements for the acquisition of services.

"(7) Procedures for coordinating with the acquisition process.

"(8) Considerations relating to opportunities for strategic sourcing.

"(9) Considerations relating to total force management policies and procedures established under section 129a of title 10, United States Code.

"(e) Matters Required in Implementation Plan.—Each plan required under subsection (d) shall provide for initial implementation of a process for identifying, assessing, reviewing, and validating requirements for the acquisition of services not later than one year after the date of the enactment of this Act [Jan. 7, 2011] and shall provide for full implementation of such process at the earliest date practicable.

"(f) Consistency With Joint Guidance.—Whenever, at any time, guidance is issued by the Chairman of the Joint Chiefs of Staff relating to requirements for the acquisition of services in support of combatant commands and military operations, each process established pursuant to subsection (a) shall be revised in accordance with such joint guidance.

"(g) Definition.—The term 'requirements for the acquisition of services' means objectives to be achieved through acquisitions primarily involving the procurement of services.

"(h) Review of Supporting Requirements To Identify Savings.—The secretaries of the military departments and the heads of the Defense Agencies shall review and validate each requirement described in subsection (c) with an anticipated cost in excess of $10,000,000 with the objective of identifying unneeded or low priority requirements that can be reduced or eliminated, with the savings transferred to higher priority objectives. Savings identified and transferred to higher priority objectives through review and revalidation under this subsection shall count toward the savings objectives established in the June 4, 2010, guidance of the Secretary of Defense on improved operational efficiencies and the annual reduction in funding for service support contractors required by the August 16, 2010, guidance of the Secretary of Defense on efficiency initiatives. As provided by the Secretary, cost avoidance shall not count toward these objectives."

Independent Management Reviews of Contracts for Services

Pub. L. 110–181, div. A, title VIII, §808, Jan. 28, 2008, 122 Stat. 215, as amended by Pub. L. 111–383, div. A, title X, §1075(f)(3), Jan. 7, 2011, 124 Stat. 4376; Pub. L. 115–232, div. A, title VIII, §812(b)(23), Aug. 13, 2018, 132 Stat. 1849, provided that:

"(a) Guidance and Instructions.—Not later than 180 days after the date of the enactment of this Act [Jan. 28, 2008], the Secretary of Defense shall issue guidance, with detailed implementation instructions, for the Department of Defense to provide for periodic independent management reviews of contracts for services. The independent management review guidance and instructions issued pursuant to this subsection shall be designed to evaluate, at a minimum—

"(1) contract performance in terms of cost, schedule, and requirements;

"(2) the use of contracting mechanisms, including the use of competition, the contract structure and type, the definition of contract requirements, cost or pricing methods, the award and negotiation of task orders, and management and oversight mechanisms;

"(3) the contractor's use, management, and oversight of subcontractors;

"(4) the staffing of contract management and oversight functions; and

"(5) the extent of any pass-throughs, and excessive pass-through charges (as defined in section 852 of the John Warner National Defense Authorization Act for Fiscal Year 2007 [Pub. L. 109–364, 10 U.S.C. 3761 note prec.]), by the contractor.

"(b) Additional Subject of Review.—In addition to the matters required by subsection (a), the guidance and instructions issued pursuant to subsection (a) shall provide for procedures for the periodic review of contracts under which one contractor provides oversight for services performed by other contractors. In particular, the procedures shall be designed to evaluate, at a minimum—

"(1) the extent of the agency's reliance on the contractor to perform acquisition functions closely associated with inherently governmental functions as defined in section 2383(b)(3) of title 10, United States Code [now 10 U.S.C. 4508(b)(3)]; and

"(2) the financial interest of any prime contractor performing acquisition functions described in paragraph (1) in any contract or subcontract with regard to which the contractor provided advice or recommendations to the agency.

"(c) Elements.—The guidance and instructions issued pursuant to subsection (a) shall address, at a minimum—

"(1) the contracts subject to independent management reviews, including any applicable thresholds and exceptions;

"(2) the frequency with which independent management reviews shall be conducted;

"(3) the composition of teams designated to perform independent management reviews;

"(4) any phase-in requirements needed to ensure that qualified staff are available to perform independent management reviews;

"(5) procedures for tracking the implementation of recommendations made by independent management review teams; and

"(6) procedures for developing and disseminating lessons learned from independent management reviews."

[(d) Repealed. Pub. L. 115–232, div. A, title VIII, §812(b)(23), Aug. 13, 2018, 132 Stat. 1849.]

Limitation on Contracts for the Acquisition of Certain Services

Pub. L. 109–364, div. A, title VIII, §832, Oct. 17, 2006, 120 Stat. 2331, as amended by Pub. L. 110–181, div. A, title VIII, §883, Jan. 28, 2008, 122 Stat. 264; Pub. L. 110–417, [div. A], title X, §1061(b)(5), Oct. 14, 2008, 122 Stat. 4613; Pub. L. 113–291, div. A, title X, §1071(b)(3)(A), Dec. 19, 2014, 128 Stat. 3506, provided that:

"(a) Limitation.—Except as provided in subsection (b), the Secretary of Defense may not enter into a service contract to acquire a military flight simulator.

"(b) Waiver.—The Secretary of Defense may waive subsection (a) with respect to a contract if the Secretary—

"(1) determines that a waiver is in the national interest; and

"(2) provides to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] an economic analysis as described in subsection (c) at least 30 days before the waiver takes effect.

"(c) Economic Analysis.—The economic analysis provided under subsection (b) shall include, at a minimum, the following:

"(1) A clear explanation of the need for the contract.

"(2) An examination of at least two alternatives for fulfilling the requirements that the contract is meant to fulfill, including the following with respect to each alternative:

"(A) A rationale for including the alternative.

"(B) A cost estimate of the alternative and an analysis of the quality of each cost estimate.

"(C) A discussion of the benefits to be realized from the alternative.

"(D) A best value determination of each alternative and a detailed explanation of the life-cycle cost calculations used in the determination.

"(d) Definitions.—In this section:

"(1) The term 'military flight simulator' means any major system to simulate the form, fit, and function of a military aircraft that has no commonly available commercial variant.

"(2) The term 'service contract' means any contract entered into by the Department of Defense the principal purpose of which is to furnish services in the United States through the use of service employees.

"(3) The term 'service employees' has the meaning provided in section 6701(3) of title 41, United States Code.

"(e) Effect on Existing Contracts.—The limitation in subsection (a) does not apply to any service contract of a military department to acquire a military flight simulator, or to any renewal or extension of, or follow-on contract to, such a contract, if—

"(1) the contract was in effect as of October 17, 2006;

"(2) the number of flight simulators to be acquired under the contract (or renewal, extension, or follow-on) will not result in the total number of flight simulators acquired by the military department concerned through service contracts to exceed the total number of flight simulators to be acquired under all service contracts of such department for such simulators in effect as of October 17, 2006; and

"(3) in the case of a renewal or extension of, or follow-on contract to, the contract, the Secretary of the military department concerned provides to the congressional defense committees a written notice of the decision to exercise an option to renew or extend the contract, or to issue a solicitation for bids or proposals using competitive procedures for a follow-on contract, and an economic analysis as described in subsection (c) supporting the decision, at least 30 days before carrying out such decision."

Improvements in Procurements of Services

Pub. L. 106–398, §1 [[div. A], title VIII, §821], Oct. 30, 2000, 114 Stat. 1654, 1654A-217, as amended by Pub. L. 108–136, div. A, title XIV, §1431(c), Nov. 24, 2003, 117 Stat. 1672; Pub. L. 115–232, div. A, title VIII, §836(f)(2), Aug. 13, 2018, 132 Stat. 1871, provided that:

"(a) Preference for Performance-Based Service Contracting.—Not later than 180 days after the date of the enactment of this Act [Oct. 30, 2000], the Federal Acquisition Regulation issued in accordance with sections 6 and 25 of the Office of Federal Procurement Policy Act ([former] 41 U.S.C. 405 and 421) [see 41 U.S.C. 1121 and 1303] shall be revised to establish a preference for use of contracts and task orders for the purchase of services in the following order of precedence:

"(1) A performance-based contract or performance-based task order that contains firm fixed prices for the specific tasks to be performed.

"(2) Any other performance-based contract or performance-based task order.

"(3) Any contract or task order that is not a performance-based contract or a performance-based task order.

"[(b) Repealed. Pub. L. 108–136, div. A, title XIV, §1431(c), Nov. 24, 2003, 117 Stat. 1672.]

"(c) Centers of Excellence in Service Contracting.—Not later than 180 days after the date of the enactment of this Act [Oct. 30, 2000], the Secretary of each military department shall establish at least one center of excellence in contracting for services. Each center of excellence shall assist the acquisition community by identifying, and serving as a clearinghouse for, best practices in contracting for services in the public and private sectors.

"(d) Enhanced Training in Service Contracting.—(1) The Secretary of Defense shall ensure that classes focusing specifically on contracting for services are offered by the Defense Acquisition University and the Defense Systems Management College and are otherwise available to contracting personnel throughout the Department of Defense.

"(2) The Secretary of each military department and the head of each Defense Agency shall ensure that the personnel of the department or agency, as the case may be, who are responsible for the awarding and management of contracts for services receive appropriate training that is focused specifically on contracting for services.

"(e) Definitions.—In this section:

"(1) The term 'performance-based', with respect to a contract, a task order, or contracting, means that the contract, task order, or contracting, respectively, includes the use of performance work statements that set forth contract requirements in clear, specific, and objective terms with measurable outcomes.

"(2) The term 'Defense Agency' has the meaning given the term in section 101(a)(11) of title 10, United States Code."

§4501. Procurement of contract services: management structure

(a) Requirement for Management Structure.—The Secretary of Defense shall establish and implement a management structure for the procurement of contract services for the Department of Defense. The management structure shall provide, at a minimum, for the matters specified in subsections (b), (c), (d), and (e).

(b) Policies, Procedures, and Best Practices Guidelines.—The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary of Defense for Acquisition and Sustainment shall develop and maintain (in consultation with the service acquisition executives) policies, procedures, and best practices guidelines addressing the procurement of contract services, including policies, procedures, and best practices guidelines for—

(1) acquisition planning;

(2) solicitation and contract award;

(3) requirements development and management;

(4) contract tracking and oversight;

(5) performance evaluation; and

(6) risk management.

(c) Personnel and Support.—The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary shall work with the service acquisition executives and other appropriate officials of the Department of Defense—

(1) to identify the critical skills and competencies needed to carry out the procurement of contract services on behalf of the Department of Defense;

(2) to develop a comprehensive strategy for recruiting, training, and deploying employees to meet the requirements for such skills and competencies; and

(3) to ensure that the military departments and Defense Agencies have staff and administrative support that are adequate to effectively perform their duties under this section and section 4502 of this title.

(d) Contract Services Acquisition Categories.—The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary shall establish contract services acquisition categories, based on dollar thresholds, for the purpose of establishing the level of review, decision authority, and applicable procedures in such categories.

(e) Oversight of Implementation.—The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary shall oversee the implementation of the requirements of this section and section 4502 of this title and the policies, procedures, and best practices guidelines established pursuant to subsection (b).

(f) Contract Services.—In this section, the term "contract services" has the meaning given that term in section 4502(d)(2) of this title.

(Added Pub. L. 107–107, div. A, title VIII, §801(b)(1), Dec. 28, 2001, 115 Stat. 1174, §2330; amended Pub. L. 107–314, div. A, title X, §1062(a)(8), Dec. 2, 2002, 116 Stat. 2650; Pub. L. 109–163, div. A, title VIII, §812(a)(1), Jan. 6, 2006, 119 Stat. 3376; Pub. L. 112–239, div. A, title VIII, §845(d), Jan. 2, 2013, 126 Stat. 1848; Pub. L. 116–92, div. A, title IX, §902(51), Dec. 20, 2019, 133 Stat. 1548; renumbered §4501 and amended Pub. L. 116–283, div. A, title XVIII, §1856(c)–(e), Jan. 1, 2021, 134 Stat. 4274.)

Editorial Notes

Prior Provisions

A prior section 4501, act Aug. 10, 1956, ch. 1041, 70A Stat. 251, which related to industrial mobilization by the President in time of war, was repealed by Pub. L. 103–160, div. A, title VIII, §822(a)(2), Nov. 30, 1993, 107 Stat. 1705. See section 4882 of this title.

Amendments

2021—Pub. L. 116–283, §1856(e)(2), redesignated par. (1) of subsec. (a) as subsec. (b) and subpars. (B) to (D) of former par. (1) as subsecs. (c) to (e), respectively.

Pub. L. 116–283, §1856(d), transferred subsecs. (a)(2), (3), (b), and (c) to section 4502 of this title. Amendment notes below prior to 2021 relate to section as it read before such provisions were transferred.

Pub. L. 116–283, §1856(c), renumbered section 2330 of this title as this section.

Subsec. (a). Pub. L. 116–283, §1856(e)(1), substituted "for the matters specified in subsections (b), (c), (d), and (e)." for "for the following:".

Subsec. (b). Pub. L. 116–283, §1856(e)(3), inserted heading, substituted "The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary of Defense for Acquisition and Sustainment shall develop and maintain" for "The Under Secretary of Defense for Acquisition and Sustainment shall—(A) develop and maintain", redesignated cls. (i) to (vi) as pars. (1) to (6), respectively, substituted period for semicolon at end of par. (6), and realigned margins.

Subsec. (c). Pub. L. 116–283, §1856(e)(4)(A)–(C), inserted heading, substituted "The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary shall work with" for "work with" in introductory provisions, redesignated cls. (i) to (iii) as pars. (1) to (3), respectively, and realigned margins.

Subsec. (c)(3). Pub. L. 116–283, §1856(e)(4)(D), (E), substituted "under this section and section 4502 of this title." for "under this section;".

Subsec. (d). Pub. L. 116–283, §1856(e)(5), inserted heading, substituted "The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary shall establish contract" for "establish contract" and period for "; and", and realigned margins.

Subsec. (e). Pub. L. 116–283, §1856(e)(6), inserted heading, substituted "The management structure implemented pursuant to subsection (a) shall provide that the Under Secretary shall oversee the" for "oversee the" and "subsection (b)" for "subparagraph (A)", inserted "and section 4502 of this title" after "of this section", and realigned margins.

Subsec. (f). Pub. L. 116–283, §1856(e)(7), added subsec. (f).

2019—Subsecs. (a)(1), (3), (b)(2), (3)(A). Pub. L. 116–92 substituted "Under Secretary of Defense for Acquisition and Sustainment" for "Under Secretary of Defense for Acquisition, Technology, and Logistics".

2013—Subsec. (c)(2). Pub. L. 112–239 substituted "including services in support of contingency operations. The term does not include services relating to research and development or military construction." for "other than services relating to research and development or military construction."

2006—Pub. L. 109–163 amended section generally. Prior to amendment, section consisted of subsecs. (a) to (c) relating to requirement for management structure, contracting responsibilities of designated officials, and definitions.

2002—Subsec. (c). Pub. L. 107–314 inserted comma after "a task order".

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

§4502. Procurement of contract services: senior officials responsible for management of acquisition of contract services

(a) Senior Officials.—The management structure implemented pursuant to section 4501 of this title shall provide for the following:

(1) The service acquisition executive of each military department shall be the senior official responsible for the management of acquisition of contract services for or on behalf of the military department.

(2) The Under Secretary of Defense for Acquisition and Sustainment shall be the senior official responsible for the management of acquisition of contract services for or on behalf of the Defense Agencies and other components of the Department of Defense outside the military departments.

(b) Duties and Responsibilities of Senior Officials Responsible for the Management of Acquisition of Contract Services.—(1) Except as provided in paragraph (2), the senior officials responsible for the management of acquisition of contract services shall assign responsibility for the review and approval of procurements in each contract services acquisition category established under section 4501(d) of this title to specific Department of Defense officials, subject to the direction, supervision, and oversight of such senior officials.

(2) With respect to the acquisition of contract services by a component or command of the Department of Defense the primary mission of which is the acquisition of products and services, such acquisition shall be conducted in accordance with policies, procedures, and best practices guidelines developed and maintained by the Under Secretary of Defense for Acquisition and Sustainment pursuant to section 4501 of this title, subject to oversight by the senior officials referred to in paragraph (1).

(c) Duties and Responsibilities.—In carrying out subsection (b)(1), each senior official responsible for the management of acquisition of contract services shall—

(1) implement the requirements of this section and section 4501 of this title and the policies, procedures, and best practices guidelines developed by the Under Secretary of Defense for Acquisition and Sustainment pursuant to section 4501(b) of this title;

(2) authorize the procurement of contract services through contracts entered into by agencies outside the Department of Defense in appropriate circumstances, in accordance with the requirements of section 854 of the Ronald W. Reagan National Defense Authorization Act for Fiscal Year 2005 (10 U.S.C. 2304 note), section 814 of the Strom Thurmond National Defense Authorization Act for Fiscal Year 1999 (31 U.S.C. 1535 note), and the regulations implementing such sections;

(3) dedicate full-time commodity managers to coordinate the procurement of key categories of services;

(4) ensure that contract services are procured by means of procurement actions that are in the best interests of the Department of Defense and are entered into and managed in compliance with applicable laws, regulations, directives, and requirements;

(5) ensure that competitive procedures and performance-based contracting are used to the maximum extent practicable for the procurement of contract services; and

(6) monitor data collection under section 4505 of this title, and periodically conduct spending analyses, to ensure that funds expended for the procurement of contract services are being expended in the most rational and economical manner practicable.

(d) Definitions.—In this section:

(1) The term "procurement action" includes the following actions:

(A) Entry into a contract or any other form of agreement.

(B) Issuance of a task order, delivery order, or military interdepartmental purchase request.

(2) The term "contract services" includes all services acquired from private sector entities by or for the Department of Defense, including services in support of contingency operations. The term does not include services relating to research and development or military construction.

(Added and amended Pub. L. 116–283, div. A, title XVIII, §1856(d), (f), Jan. 1, 2021, 134 Stat. 4274, 4275; Pub. L. 117–81, div. A, title XVII, §1701(b)(19)(A), Dec. 27, 2021, 135 Stat. 2135.)

Editorial Notes

References in Text

Section 854 of the Ronald W. Reagan National Defense Authorization Act for Fiscal Year 2005, referred to in subsec. (c)(2), is section 854 of div. A of Pub. L. 108–375, which is set out as a note under section 2304 of this title.

Section 814 of the Strom Thurmond National Defense Authorization Act for Fiscal Year 1999, referred to in subsec. (c)(2), is section 814 of div. A of Pub. L. 105–261, which was formerly set out as a note under section 1535 of Title 31, Money and Finance.

Codification

The text of subsecs. (a)(2), (3), (b), and (c) of section 4501 of this title, which was transferred to this section by Pub. L. 116–283, §1856(d), was based on Pub. L. 107–107, div. A, title VIII, §801(b)(1), Dec. 28, 2001, 115 Stat. 1174, §2330; Pub. L. 107–314, div. A, title X, §1062(a)(8), Dec. 2, 2002, 116 Stat. 2650; Pub. L. 109–163, div. A, title VIII, §812(a)(1), Jan. 6, 2006, 119 Stat. 3376; Pub. L. 112–239, div. A, title VIII, §845(d), Jan. 2, 2013, 126 Stat. 1848; Pub. L. 116–92, div. A, title IX, §902(51)(B)–(D), Dec. 20, 2019, 133 Stat. 1549; renumbered §4501, Pub. L. 116–283, div. A, title XVIII, §1856(c), Jan. 1, 2021, 134 Stat. 4274. Amendment notes prior to 2021 relevant to this section can be found under section 4501 of this title.

Prior Provisions

A prior section 4502, act Aug. 10, 1956, ch. 1041, 70A Stat. 252, which related to maintenance by Secretary of the Army of lists of plants equipped to manufacture arms or ammunition and of plants convertible into ammunition factories and provided for a Board on Mobilization of Industries Essential for Military Preparedness, was repealed by Pub. L. 103–160, div. A, title VIII, §822(a)(2), Nov. 30, 1993, 107 Stat. 1705. See sections 4883 and 4884 of this title.

Prior sections 4503 and 4504 were repealed by Pub. L. 103–160, div. A, title VIII, §§822(c)(2), 827(c), Nov. 30, 1993, 107 Stat. 1707, 1713.

Section 4503, act Aug. 10, 1956, ch. 1041, 70A Stat. 252, related to research and development programs of the Army.

Section 4504, act Aug. 10, 1956, ch. 1041, 70A Stat. 252, related to procurement of ordnance, signal, and chemical warfare supplies for experimental purposes by Secretary of the Army. See section 4004 of this title.

Amendments

2021—Pub. L. 116–283, §1856(d), transferred subsecs. (a)(2), (3), (b), and (c) of section 4501 of this title to this section and inserted subsec. (a) designation, heading, and introductory provisions.

Subsec. (a). Pub. L. 116–283, §1856(f)(1), redesignated pars. (2) and (3) as (1) and (2), respectively.

Subsec. (b)(1). Pub. L. 116–283, §1856(f)(2)(A), substituted "section 4501(d) of this title" for "subsection (a)(1)(C)".

Subsec. (b)(2). Pub. L. 116–283, §1856(f)(2)(B), substituted "section 4501 of this title" for "subsection (a)(1)".

Subsec. (b)(3). Pub. L. 116–283, §1856(f)(4), redesignated par. (3) as subsec. (c).

Subsec. (c). Pub. L. 116–283, §1856(f)(5)(A), as amended by Pub. L. 117–81, §1701(b)(19)(A), inserted heading and substituted "In carrying out subsection (b)(1)" for "In carrying out paragraph (1)" in introductory provisions.

Pub. L. 116–283, §1856(f)(4), redesignated par. (3) of subsec. (b) as subsec. (c) and subpars. (A) to (F) as pars. (1) to (6), respectively.

Pub. L. 116–283, §1856(f)(3), redesignated subsec. (c) as (d).

Subsec. (c)(1). Pub. L. 116–283, §1856(f)(5)(B), inserted "and section 4501 of this title" after "of this section" and substituted "section 4501(b) of this title" for "subsection (a)(1)(A)".

Subsec. (c)(6). Pub. L. 116–283, §1856(f)(5)(C), substituted "section 4505" for "section 2330a".

Subsec. (d). Pub. L. 116–283, §1856(f)(3), redesignated subsec. (c) as (d).

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 117–81 applicable as if included in the enactment of title XVIII of Pub. L. 116–283 as enacted, see section 1701(a)(2) of Pub. L. 117–81, set out in a note preceding section 3001 of this title and Effective Date note below.

Effective Date

Section and amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as an Effective Date of 2021 note preceding section 3001 of this title.

§4505. Procurement of services: tracking of purchases

(a) Data Collection Required.—The Secretary of Defense shall establish a data collection system to provide management information with regard to each purchase of services by a military department or Defense Agency in excess of $3,000,000, regardless of whether such a purchase is made in the form of a contract, task order, delivery order, military interdepartmental purchase request, or any other form of interagency agreement, for services in the following service acquisition portfolio groups:

(1) Logistics management services.

(2) Equipment related services.

(3) Knowledge-based services.

(4) Electronics and communications services.

(b) Data To Be Collected.—The data required to be collected under subsection (a) includes the following:

(1) The services purchased.

(2) The total dollar amount of the purchase.

(3) The form of contracting action used to make the purchase.

(4) Whether the purchase was made through—

(A) a performance-based contract, performance-based task order, or other performance-based arrangement that contains firm fixed prices for the specific tasks to be performed;

(B) any other performance-based contract, performance-based task order, or performance-based arrangement; or

(C) any contract, task order, or other arrangement that is not performance based.

(5) In the case of a purchase made through an agency other than the Department of Defense, the agency through which the purchase is made.

(6) The extent of competition provided in making the purchase and whether there was more than one offer.

(7) Whether the purchase was made from—

(A) a small business concern;

(B) a small business concern owned and controlled by socially and economically disadvantaged individuals; or

(C) a small business concern owned and controlled by women.

(c) Inventory Summary.—(1) Not later than the end of the third quarter of each fiscal year, the Secretary of Defense shall prepare an annual inventory, and submit to Congress a summary of the inventory, of activities performed during the preceding fiscal year pursuant to staff augmentation contracts and contracts closely associated with inherently governmental functions on behalf of the Department of Defense. The guidance for compiling the inventory shall be issued by the Under Secretary of Defense for Personnel and Readiness, the Under Secretary of Defense (Comptroller), and the Under Secretary of Defense for Acquisition and Sustainment, as follows:

(A) The Under Secretary of Defense for Personnel and Readiness, as supported by the Under Secretary of Defense (Comptroller), shall be responsible for developing guidance for—

(i) the collection of data regarding functions and missions performed by contractors in a manner that is comparable to the manpower data elements used in inventories of functions performed by Department of Defense employees;

(ii) the calculation of contractor full-time equivalents for direct labor, using direct labor hours in a manner that is comparable to the calculation of Department of Defense civilian full-time employees; and

(iii) the conduct and completion of the annual review required under subsection (e)(1).

(B) The Under Secretary of Defense for Acquisition and Sustainment shall be responsible for developing guidance on other data elements and implementing procedures for requirements relating to acquisition.

(2) The entry for an activity on an inventory under this subsection shall include, for the fiscal year covered by such entry, the following:

(A) The functions and missions performed by the contractor.

(B) The contracting organization, the component of the Department of Defense administering the contract, and the organization whose requirements are being met through contractor performance of the function.

(C) The funding source for the contract under which the function is performed by appropriation and operating agency.

(D) The fiscal year for which the activity first appeared on an inventory under this section.

(E) The number of contractor employees, expressed as full-time equivalents for direct labor, using direct labor hours and associated cost data collected from contractors (except that estimates may be used where such data is not available and cannot reasonably be made available in a timely manner for the purpose of the inventory).

(F) A determination whether the contract pursuant to which the activity is performed is a personal services contract.

(G) A summary of the data required to be collected for the activity under subsection (a).

(3) The inventory required under this subsection shall be submitted in unclassified form, but may include a classified annex.

(d) Review and Planning Requirements.—Within 90 days after the date on which an inventory is submitted under subsection (c), the Secretary of the military department or head of the Defense Agency responsible for activities in the inventory shall—

(1) review the contracts and activities in the inventory for which such Secretary or agency head is responsible, with particular focus and attention on the following categories of high-risk product service codes (also referred to as Federal supply codes):

(A) Special studies or analysis that is not research and development.

(B) Information technology and telecommunications.

(C) Support, including professional, administrative, and management;

(2) ensure that—

(A) each contract on the list that is a personal services contract has been entered into, and is being performed, in accordance with applicable statutory and regulatory requirements;

(B) the activities on the list do not include any inherently governmental functions; and

(C) to the maximum extent practicable, the activities on the list do not include any functions closely associated with inherently governmental functions; and

(3) identify activities that should be considered for conversion—

(A) to performance by civilian employees of the Department of Defense pursuant to section 2463 of this title; or

(B) to an acquisition approach that would be more advantageous to the Department of Defense.

(e) Development of Plan and Enforcement and Approval Mechanisms.—The Secretary of the military department or head of the Defense Agency responsible for activities in the inventory shall develop a plan, including an enforcement mechanism and approval process, to—

(1) provide for the use of the inventory by the military department or Defense Agency to implement the requirements of section 129a of this title;

(2) ensure the inventory is used to inform strategic workforce planning;

(3) facilitate use of the inventory for compliance with section 235 ¹ of this title; and

(4) provide for appropriate consideration of the conversion of activities identified under subsection (e)(3) within a reasonable period of time.

(f) Comptroller General Report.—Not later than March 31, 2018, the Comptroller General of the United States shall submit to the congressional defense committees a report on the status of the data collection required in subsection (a) and an assessment of the efforts by the Department of Defense to implement subsection (e).

(g) Rule of Construction.—Nothing in this section shall be construed to authorize the performance of personal services by a contractor except where expressly authorized by a provision of law other than this section.

(h) Definitions.—In this section:

(1) Performance-based.—The term "performance-based", with respect to a contract, task order, or arrangement, means that the contract, task order, or arrangement, respectively, includes the use of performance work statements that set forth contract requirements in clear, specific, and objective terms with measurable outcomes.

(2) Function closely associated with inherently governmental functions.—The term "function closely associated with inherently governmental functions" has the meaning given that term in section 4508(b)(3) of this title.

(3) Inherently governmental functions.—The term "inherently governmental functions" has the meaning given that term in section 4508(b)(2) of this title.

(4) Personal services contract.—The term "personal services contract" means a contract under which, as a result of its terms or conditions or the manner of its administration during performance, contractor personnel are subject to the relatively continuous supervision and control of one or more Government officers or employees, except that the giving of an order for a specific article or service, with the right to reject the finished product or result, is not the type of supervision or control that makes a contract a personal services contract.

(5) Service acquisition portfolio groups.—The term "service acquisition portfolio groups" means the groups identified in Department of Defense Instruction 5000.74, Defense Acquisition of Services (January 5, 2016) or successor guidance.

(6) Staff augmentation contracts.—The term "staff augmentation contracts" means services contracts for personnel who are physically present in a Government work space on a full-time or permanent part-time basis, for the purpose of advising on, providing support to, or assisting a Government agency in the performance of the agency's missions, including authorized personal services contracts (as that term is defined in section 4505(g)(5) ¹ of this title).

(7) Simplified acquisition threshold.—The term "simplified acquisition threshold" has the meaning given the term in section 134 of title 41.

(8) Small business act definitions.—

(A) The term "small business concern" has the meaning given such term under section 3 of the Small Business Act (15 U.S.C. 632).

(B) The terms "small business concern owned and controlled by socially and economically disadvantaged individuals" and "small business concern owned and controlled by women" have the meanings given such terms, respectively, in section 8(d)(3) of the Small Business Act (15 U.S.C. 637(d)(3)).

(Added Pub. L. 107–107, div. A, title VIII, §801(c), Dec. 28, 2001, 115 Stat. 1176, §2330a; amended Pub. L. 110–181, div. A, title VIII, §807(a), Jan. 28, 2008, 122 Stat. 213; Pub. L. 111–84, div. A, title VIII, §803(b), Oct. 28, 2009, 123 Stat. 2402; Pub. L. 111–383, div. A, title III, §321, Jan. 7, 2011, 124 Stat. 4183; Pub. L. 112–81, div. A, title IX, §936, Dec. 31, 2011, 125 Stat. 1545; Pub. L. 113–66, div. A, title IX, §951(a), Dec. 26, 2013, 127 Stat. 839; Pub. L. 114–328, div. A, title VIII, §§812, 833(b)(2)(C)(ii), Dec. 23, 2016, 130 Stat. 2269, 2284; Pub. L. 115–91, div. A, title X, §1081(a)(30), (d)(6)(A), Dec. 12, 2017, 131 Stat. 1595, 1600; Pub. L. 115–232, div. A, title VIII, §819, Aug. 13, 2018, 132 Stat. 1853; renumbered §4505 and amended Pub. L. 116–283, div. A, title XVIII, §§1856(g), (h), 1883(b)(2), Jan. 1, 2021, 134 Stat. 4275, 4294; Pub. L. 117–81, div. A, title XVII, §1701(b)(19)(B), (d)(13), Dec. 27, 2021, 135 Stat. 2135, 2137.)

Editorial Notes

References in Text

Section 235 of this title, referred to in subsec. (e)(3), was repealed by Pub. L. 117–81, div. A, title VIII, §815(b)(1), Dec. 27, 2021, 135 Stat 1825.

Section 4505(g)(5) of this title, referred to in subsec. (h)(6), meaning subsec. (g)(5) of this section, was redesignated through a series of amendments as subsec. (h)(4) of this section.

Prior Provisions

A prior section 4505, act Aug. 10, 1956, ch. 1041, 70A Stat. 252, which related to procurement by Secretary of the Army of production equipment, was repealed by Pub. L. 103–160, div. A, title VIII, §823(1), Nov. 30, 1993, 107 Stat. 1707.

Amendments

2021—Pub. L. 116–283, §1856(g), renumbered section 2330a of this title as this section.

Subsec. (h)(2). Pub. L. 117–81, §1701(d)(13), which directed the substitution of "section 4508(b)(3)" for "section 2383(b)(3)", could not be executed because of the intervening amendment by Pub. L. 116–283, §1883(b)(2). See note below.

Pub. L. 116–283, §1883(b)(2), substituted "section 4508(b)(3)" for "section 2383(b)(3)".

Subsec. (h)(3). Pub. L. 116–283, §1856(h), as amended by Pub. L. 117–81, §1701(b)(19)(B), substituted "section 4508(b)(2)" for "section 2383(b)(2)".

Subsec. (h)(6). Pub. L. 116–283, §1883(b)(2), substituted "section 4505(g)(5)" for "section 2330a(g)(5)".

2018—Subsec. (c)(1). Pub. L. 115–232, in introductory provisions, inserted "and contracts closely associated with inherently governmental functions" after "staff augmentation contracts" and substituted "Under Secretary of Defense for Acquisition and Sustainment" for "Under Secretary of Defense for Acquisition, Technology, and Logistics".

Subsec. (c)(1)(B). Pub. L. 115–232, §819(2), substituted "Under Secretary of Defense for Acquisition and Sustainment" for "Under Secretary of Defense for Acquisition, Technology, and Logistics".

2017—Subsec. (d)(1)(C). Pub. L. 115–91, §1081(a)(30)(A), struck out period before semicolon at end.

Subsec. (h)(1). Pub. L. 115–91, §1081(a)(30)(B)(i), inserted heading.

Subsec. (h)(2) to (4). Pub. L. 115–91, §1081(d)(6)(A), amended directory language of Pub. L. 114–328, §833(b)(2)(C)(ii). See 2016 Amendment notes below.

Subsec. (h)(5). Pub. L. 115–91, §1081(a)(30)(B)(iii), inserted heading.

Pub. L. 115–91, §1081(a)(30)(B)(ii), redesignated par. (6) defining "service acquisition portfolio groups" as (5). Former par. (5) redesignated (7).

Pub. L. 115–91, §1081(d)(6)(A), amended directory language of Pub. L. 114–328, §833(b)(2)(C)(ii). See 2016 Amendment note below.

Subsec. (h)(6). Pub. L. 115–91, §1081(a)(30)(B)(iv), inserted heading.

Pub. L. 115–91, §1081(a)(30)(B)(ii), redesignated par. (7) as (6). Former par. (6) defining "service acquisition portfolio groups" redesignated (5) and former par. (6) relating to Small Business Act definitions redesignated (8).

Pub. L. 115–91, §1081(d)(6)(A), amended directory language of Pub. L. 114–328, §833(b)(2)(C)(ii). See 2016 Amendment note below.

Subsec. (h)(7). Pub. L. 115–91, §1081(a)(30)(B)(ii), redesignated par. (5) as (7). Former par. (7) redesignated (6).

Subsec. (h)(8). Pub. L. 115–91, §1081(a)(30)(B)(ii), redesignated par. (6) relating to Small Business Act definitions as (8).

2016—Subsec. (a). Pub. L. 114–328, §812(a), (b), substituted "in excess of $3,000,000" for "in excess of the simplified acquisition threshold" and ", for services in the following service acquisition portfolio groups:" for period at end and added pars. (1) to (4).

Subsec. (c). Pub. L. 114–328, §812(c)(1), substituted "Inventory Summary" for "Inventory" in heading.

Subsec. (c)(1). Pub. L. 114–328, §812(c)(2), substituted "prepare an annual inventory, and submit to Congress a summary of the inventory, of activities performed during the preceding fiscal year pursuant to staff augmentation contracts on behalf" for "submit to Congress an annual inventory of the activities performed during the preceding fiscal year pursuant to contracts for services (and pursuant to contracts for goods to the extent services are a significant component of performance as identified in a separate line item of a contract) for or on behalf".

Subsec. (d). Pub. L. 114–328, §812(d), redesignated subsec. (e) as (d) and struck out former subsec. (d). Prior to amendment, text of subsec. (d) read as follows: "Not later than 30 days after the date on which an inventory under subsection (c) is required to be submitted to Congress, the Secretary shall—

"(1) make the inventory available to the public; and

"(2) publish in the Federal Register a notice that the inventory is available to the public."

Subsec. (d)(1). Pub. L. 114–328, §812(e), inserted ", with particular focus and attention on the following categories of high-risk product service codes (also referred to as Federal supply codes):" after "responsible" and added subpars. (A) to (C).

Subsec. (e). Pub. L. 114–328, §812(d)(2), redesignated subsec. (f) as (e). Former subsec. (e) redesignated (d).

Subsec. (f). Pub. L. 114–328, §812(f), added subsec. (f). Former subsec. (f) redesignated (e).

Subsecs. (g), (h). Pub. L. 114–328, §812(d), redesignated subsecs. (i) and (j) as (g) and (h), respectively, and struck out former subsecs. (g) and (h) which related to Inspector General reports and Comptroller General reports, respectively.

Subsec. (h)(2). Pub. L. 114–328, §833(b)(2)(C)(ii)(I), (II), as amended by Pub. L. 115–91, §1081(d)(6)(A), redesignated par. (3) as (2) and struck out former par. (2). Prior to amendment, par. (2) read as follows: "The definitions set forth in section 2225(f) of this title for the terms 'simplified acquisition threshold', 'small business concern', 'small business concern owned and controlled by socially and economically disadvantaged individuals', and 'small business concern owned and controlled by women' shall apply."

Subsec. (h)(3), (4). Pub. L. 114–328, §833(b)(2)(C)(ii)(II), as amended by Pub. L. 115–91, §1081(d)(6)(A), redesignated pars. (4) and (5) as (3) and (4), respectively. Former par. (3) redesignated (2).

Subsec. (h)(5). Pub. L. 114–328, §833(b)(2)(C)(ii)(III), as amended by Pub. L. 115–91, §1081(d)(6)(A), added par. (5). Former par. (5) redesignated (4).

Subsec. (h)(6). Pub. L. 114–328, §833(b)(2)(C)(ii)(III), as amended by Pub. L. 115–91, §1081(d)(6)(A), added par. (6) relating to Small Business Act definitions.

Pub. L. 114–328, §812(g), added par. (6) defining "service acquisition portfolio groups".

Subsec. (h)(7). Pub. L. 114–328, §812(g), added par. (7).

Subsecs. (i), (j). Pub. L. 114–328, §812(d)(2), redesignated subsecs. (i) and (j) as (g) and (h), respectively.

2013—Subsecs. (g) to (j). Pub. L. 113–66 added subsecs. (g) and (h) and redesignated former subsecs. (g) and (h) as (i) and (j), respectively.

2011—Subsec. (c). Pub. L. 111–383, §321(2) to (4), substituted "The guidance for compiling the inventory shall be issued by the Under Secretary of Defense for Personnel and Readiness, the Under Secretary of Defense (Comptroller), and the Under Secretary of Defense for Acquisition, Technology, and Logistics, as follows:" for "The entry for an activity on an inventory under this subsection shall include, for the fiscal year covered by such entry, the following:" in par. (1), added new subpars. (A) and (B) to par. (1), inserted par. (2) designation and introductory provisions before former subpars. (A) to (G) of par. (1) thereby making them part of par. (2), added subpar. (E), and struck out former subpar. (E) which read as follows: "The number of full-time contractor employees (or its equivalent) paid for the performance of the activity."

Subsec. (c)(1). Pub. L. 112–81, §936(a)(1), inserted "(and pursuant to contracts for goods to the extent services are a significant component of performance as identified in a separate line item of a contract)" after "pursuant to contracts for services" in introductory provisions.

Subsec. (c)(1)(A)(ii), (iii). Pub. L. 112–81, §936(a)(2), added cls. (ii) and (iii) and struck out former cl. (ii) which read as follows: "the calculation of contractor manpower equivalents in a manner that is comparable to the calculation of full-time equivalents for use in inventories of functions performed by Department of Defense employees."

Subsec. (c)(1)(B). Pub. L. 112–81, §936(a)(3), inserted "for requirements relating to acquisition" before period at end.

Subsec. (c)(2), (3). Pub. L. 111–383, §321(1), redesignated par. (2) as (3).

Subsec. (e)(2) to (4). Pub. L. 112–81, §936(b), inserted "and" at end of par. (2), substituted period for "; and" at end of par. (3), and struck out par. (4) which read as follows: "develop a plan, including an enforcement mechanism and approval process, to provide for appropriate consideration of the conversion of activities identified under paragraph (3) within a reasonable period of time."

Subsec. (f) to (h). Pub. L. 112–81, §936(c), added subsec. (f) and redesignated former subsecs. (f) and (g) as (g) and (h), respectively.

2009—Subsec. (e)(4). Pub. L. 111–84 inserted ", including an enforcement mechanism and approval process," after "plan".

2008—Subsecs. (c) to (g). Pub. L. 110–181, §807(a)(1), (2), added subsecs. (c) to (f), redesignated former subsec. (d) as (g), and struck out heading and text of former subsec. (c). Former text read as follows: "To the maximum extent practicable, a single data collection system shall be used to collect data under this section and information under section 2225 of this title."

Subsec. (g)(3) to (5). Pub. L. 110–181, §807(a)(3), added pars. (3) to (5).

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by section 1701(b)(19)(B) of Pub. L. 117–81 applicable as if included in the enactment of title XVIII of Pub. L. 116–283 as enacted, see section 1701(a)(2) of Pub. L. 117–81, set out in a note preceding section 3001 of this title and note below.

Amendment by section 1701(d)(13) of Pub. L. 117–81 to take effect immediately after the amendments made by title XVIII of Pub. L. 116–283 have taken effect, see section 1701(a)(3) of Pub. L. 117–81, set out in a note preceding section 3001 of this title and note below.

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

Effective Date of 2017 Amendment

Pub. L. 115–91, div. A, title X, §1081(d), Dec. 12, 2017, 131 Stat. 1599, provided that the amendment made by section 1081(d)(6)(A) is effective as of Dec. 23, 2016, and as if included in Pub. L. 114–328 as enacted.

Effective Date of 2008 Amendment

Pub. L. 110–181, div. A, title VIII, §807(b), Jan. 28, 2008, 122 Stat. 215, provided that:

"(1) The amendments made by subsection (a) [amending this section] shall be effective upon the date of the enactment of this Act [Jan. 28, 2008].

"(2) The first inventory required by section 2330a(c) of title 10, United States Code [now 10 U.S.C. 4505(c)], as added by subsection (a), shall be submitted not later than the end of the third quarter of fiscal year 2008."

¹ See References in Text note below.

§4506. Procurement of services: data analysis and requirements validation

(a) In General.—The Secretary of Defense, acting through the Under Secretary of Defense (Comptroller) and Director of Cost Assessment and Program Evaluation, shall ensure that—

(1) appropriate and sufficiently detailed data are collected and analyzed to support the validation of requirements for services contracts and inform the planning, programming, budgeting, and execution process of the Department of Defense;

(2) requirements for services contracts are evaluated appropriately and in a timely manner to inform decisions regarding the procurement of services; and

(3) decisions regarding the procurement of services consider available resources and total force management policies and procedures.

(b) Specification of Amounts Requested in Budget.—Effective February 1, 2023, the Secretary of Defense, acting through the Under Secretary of Defense (Comptroller) and Director of Cost Assessment and Program Evaluation, shall annually submit to Congress information on services contracts that clearly and separately identifies the amount requested for each category of services to be procured for each Defense Agency, Department of Defense Field Activity, command, or military installation. Such information shall—

(1) be submitted at or before the time of the budget submission by the President under section 1105(a) of title 31 or on the date on which the future-years defense program is submitted to Congress under section 221 of this title;

(2) cover the fiscal year covered by such budget submission by the President;

(3) be consistent with total amounts of estimated expenditures and proposed appropriations necessary to support the programs, projects, and activities of the Department of Defense included in such budget submission by the President for that fiscal year;

(4) be informed by the review of the inventory required by section 4505(c) using standard guidelines developed under subsection (d); and

(5) clearly and separately identify the amount requested and projected for the procurement of contract services for each Defense Agency, Department of Defense Field Activity, command, or military installation for the budget year and the subsequent four fiscal years in the future-years defense program submitted to Congress under section 221.

(c) Data Analysis.—(1) Each Secretary of a military department shall regularly analyze past spending patterns and anticipated future requirements with respect to the procurement of services within such military department.

(2)(A) The Secretary of Defense, acting through the Under Secretary of Defense (Comptroller) and Director of Cost Assessment and Program Evaluation, shall regularly analyze past spending patterns and anticipated future requirements with respect to the procurement of services—

(i) within each Defense Agency and Department of Defense Field Activity; and

(ii) across military departments, Defense Agencies, and Department of Defense Field Activities.

(B) The Secretaries of the military departments shall make data on services contracts available to the Secretary of Defense for purposes of conducting the analysis required under subparagraph (A).

(3) The analyses conducted under this subsection shall—

(A) identify contracts for similar services that are procured for three or more consecutive years at each Defense Agency, Department of Defense Field Activity, command, or military installation;

(B) evaluate patterns in the procurement of services, to the extent practicable, at each Defense Agency, Department of Defense Field Activity, command, or military installation and by category of services procured;

(C) be used to validate requirements for services contracts entered into after the date of the enactment of this subsection; and

(D) be used to inform decisions on the award of and funding for such services contracts.

(d) Requirements Evaluation.—(1) Each Services Requirements Review Board shall evaluate each requirement for a services contract, taking into consideration total force management policies and procedures, available resources, the analyses conducted under subsection (c), and contracting efficacy and efficiency. An evaluation of a services contract for compliance with contracting policies and procedures may not be considered to be an evaluation of a requirement for such services contract.

(2) The Secretary of Defense shall establish and issue standard guidelines within the Department of Defense for the evaluation of requirements for services contracts. Any such guidelines issued—

(A) shall be consistent with the "Handbook of Contract Function Checklists for Services Acquisition" issued by the Department of Defense in May 2018, or a successor or other appropriate policy; and

(B) shall be updated as necessary to incorporate applicable statutory changes to total force management policies and procedures and any other guidelines or procedures relating to the use of Department of Defense civilian employees to perform new functions and functions that are performed by contractors.

(3) The acquisition decision authority for each services contract shall certify—

(A) that a task order or statement of work being submitted to a contracting office is in compliance with the standard guidelines;

(B) that all appropriate statutory risk mitigation efforts have been made; and

(C) that such task order or statement of work does not include requirements formerly performed by Department of Defense civilian employees.

(4) The Inspector General of the Department of Defense may conduct annual audits to ensure compliance with this subsection.

(e) Timely Planning to Avoid Bridge Contracts.—(1) Effective October 1, 2018, the Secretary of Defense shall ensure that a requirements owner shall, to the extent practicable, plan appropriately before the date of need of a service at a Defense Agency, Department of Defense Field Activity, command, or military installation to avoid the use of a bridge contract to provide for continuation of a service to be performed through a services contract. Such planning shall include allowing time for a requirement to be validated, a services contract to be entered into, and funding for the services contract to be secured.

(2)(A) Upon the first use, due to inadequate planning (as determined by the Secretary of Defense), of a bridge contract to provide for continuation of a service to be performed through a services contract, the requirements owner, along with the contracting officer or a designee of the contracting officer for the contract, shall—

(i) for a services contract in an amount less than $10,000,000, provide an update on the status of the bridge contract (including the rationale for using the bridge contract) to the commander or the senior civilian official of the Defense Agency concerned, Department of Defense Field Activity concerned, command concerned, or military installation concerned, as applicable; or

(ii) for a services contract in an amount equal to or greater than $10,000,000, provide an update on the status of the bridge contract (including the rationale for using the bridge contract) to the service acquisition executive for the military department concerned, the head of the Defense Agency concerned, the combatant commander concerned, or the Under Secretary of Defense for Acquisition and Sustainment, as applicable.

(B) Upon the second use, due to inadequate planning (as determined by the Secretary of Defense), of a bridge contract to provide for continuation of a service to be performed through a services contract in an amount less than $10,000,000, the commander or senior civilian official referred to in subparagraph (A)(i) shall provide notification of such second use to the Vice Chief of Staff of the armed force concerned and the service acquisition executive of the military department concerned, the head of the Defense Agency concerned, the combatant commander concerned, or the Under Secretary of Defense for Acquisition and Sustainment, as applicable.

(f) Definitions.—In this section:

(1) The term "bridge contract" means—

(A) an extension to an existing contract beyond the period of performance to avoid a lapse in service caused by a delay in awarding a subsequent contract; or

(B) a new short-term contract awarded on a sole-source basis to avoid a lapse in service caused by a delay in awarding a subsequent contract.

(2) The term "requirements owner" means a member of the armed forces (other than the Coast Guard) or a civilian employee of the Department of Defense responsible for a requirement for a service to be performed through a services contract.

(3) The term "Services Requirements Review Board" has the meaning given in Department of Defense Instruction 5000.74, titled "Defense Acquisition of Services" and dated January 10, 2020, or a successor instruction.

(4) The term "acquisition decision authority" means the designated decision authority for each designated special interest services acquisition category, described in such Department of Defense Instruction.

(Added Pub. L. 115–91, div. A, title VIII, §851(a)(1), Dec. 12, 2017, 131 Stat. 1489, §2329; amended Pub. L. 115–232, div. A, title VIII, §818(a), Aug. 13, 2018, 132 Stat. 1852; Pub. L. 116–92, div. A, title VIII, §817(a), title XVII, §1731(a)(42), Dec. 20, 2019, 133 Stat. 1488, 1814; renumbered §4506 and amended Pub. L. 116–283, div. A, title XVIII, §§1856(g), 1883(b)(2), Jan. 1, 2021, 134 Stat. 4275, 4294; Pub. L. 117–81, div. A, title VIII, §815(a), Dec. 27, 2021, 135 Stat. 1824.)

Editorial Notes

References in Text

The date of the enactment of this subsection, referred to in subsec. (c)(3)(C), is the date of enactment of Pub. L. 115–91, which was approved Dec. 12, 2017.

Prior Provisions

A prior section 4506, act Aug. 10, 1956, ch. 1041, 70A Stat. 253, which related to sale, loan, or gift of samples, drawings, and information to contractors, was repealed by Pub. L. 103–160, div. A, title VIII, §822(b)(3), Nov. 30, 1993, 107 Stat. 1706.

Amendments

2021—Pub. L. 116–283, §1856(g), renumbered section 2329 of this title as this section.

Subsec. (b). Pub. L. 117–81, §815(a)(1)(A), substituted "February 1, 2023" for "October 1, 2021" in introductory provisions.

Subsec. (b)(4). Pub. L. 116–283, §1883(b)(2), substituted "section 4505(c)" for "section 2330a(c)".

Pub. L. 117–81, §815(a)(1)(B), added par. (4) and struck out former par. (4) which read as follows: "be organized using a common enterprise data structure developed under section 2222 of this title; and".

Subsec. (b)(5). Pub. L. 117–81, §815(a)(1)(B), added par. (5) and struck out former par. (5) which read as follows: "be included in the future-years defense program submitted to Congress under section 221 of this title."

Subsec. (d). Pub. L. 117–81, §815(a)(2), amended subsec. (d) generally. Prior to amendment, text read as follows: "Each Services Requirements Review Board shall evaluate each requirement for a services contract, taking into consideration total force management policies and procedures, available resources, the analyses conducted under subsection (c), and contracting efficacy and efficiency. An evaluation of a services contract for compliance with contracting policies and procedures may not be considered to be an evaluation of a requirement for such services contract."

Subsec. (f). Pub. L. 117–81, §815(a)(3), redesignated subsec. (g) as (f) and struck out former subsec. (f). Prior to amendment, text of subsec. (f) read as follows: "Except with respect to the analyses required under subsection (c), this section shall not apply to—

"(1) services contracts in support of contingency operations, humanitarian assistance, or disaster relief;

"(2) services contracts in support of a national security emergency declared with respect to a named operation; or

"(3) services contracts entered into pursuant to an international agreement."

Subsec. (f)(3). Pub. L. 117–81, §815(a)(4)(A), substituted "January 10, 2020" for "January 5, 2016".

Subsec. (f)(4). Pub. L. 117–81, §815(a)(4)(B), added par. (4).

Subsec. (g). Pub. L. 117–81, §815(a)(3), redesignated subsec. (g) as (f).

2019—Subsec. (a). Pub. L. 116–92, §817(a)(1), inserted ", acting through the Under Secretary of Defense (Comptroller) and Director of Cost Assessment and Program Evaluation," after "Secretary of Defense" in introductory provisions.

Subsec. (b). Pub. L. 116–92, §817(a)(2), inserted ", acting through the Under Secretary of Defense (Comptroller) and Director of Cost Assessment and Program Evaluation," after "Secretary of Defense" in introductory provisions.

Subsec. (c)(2)(A). Pub. L. 116–92, §817(a)(3), inserted ", acting through the Under Secretary of Defense (Comptroller) and Director of Cost Assessment and Program Evaluation," after "Secretary of Defense" in introductory provisions.

Subsec. (g)(1). Pub. L. 116–92, §1731(a)(42), substituted "term 'bridge contract' " for "term 'bridge contact' " in introductory provisions.

2018—Subsec. (b). Pub. L. 115–232, §818(a)(1), substituted "October 1, 2021" for "October 1, 2022" in introductory provisions.

Subsec. (b)(1). Pub. L. 115–232, §818(a)(2), substituted "at or before" for "at or about" and inserted "or on the date on which the future-years defense program is submitted to Congress under section 221 of this title" after "title 31".

Subsec. (b)(5). Pub. L. 115–232, §818(a)(3)–(5), added par. (5).

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

§4507. Procurement of services: contracts for professional and technical services

(a) In General.—The Secretary of Defense shall prescribe regulations to ensure, to the maximum extent practicable, that professional and technical services are acquired on the basis of the task to be performed rather than on the basis of the number of hours of services provided.

(b) Content of Regulations.—With respect to contracts to acquire services on the basis of the number of hours of services provided, the regulations described in subsection (a) shall—

(1) include standards and approval procedures to minimize the use of such contracts;

(2) establish criteria to ensure that proposals for contracts for technical and professional services are evaluated on a basis which does not encourage contractors to propose uncompensated overtime;

(3) ensure appropriate emphasis on technical and quality factors in the source selection process;

(4) require identification of any hours in excess of 40-hour weeks included in a proposal;

(5) ensure that offerors are notified that proposals which include unrealistically low labor rates or which do not otherwise demonstrate cost realism will be considered in a risk assessment and evaluated appropriately; and

(6) provide guidance to contracting officers to ensure that any use of uncompensated overtime will not degrade the level of technical expertise required to perform the contract.

(Added Pub. L. 101–510, div. A, title VIII, §834(a)(1), Nov. 5, 1990, 104 Stat. 1613, §2331; amended Pub. L. 102–25, title VII, §701(a), Apr. 6, 1991, 105 Stat. 113; Pub. L. 103–355, title I, §1004(c), Oct. 13, 1994, 108 Stat. 3253; Pub. L. 107–107, div. A, title VIII, §801(g)(1), Dec. 28, 2001, 115 Stat. 1177; renumbered §4507, Pub. L. 116–283, div. A, title XVIII, §1856(g), Jan. 1, 2021, 134 Stat. 4275.)

Editorial Notes

Prior Provisions

A prior section 4507, act Aug. 10, 1956, ch. 1041, 70A Stat. 253, which related to sale of ordnance and ordnance stores to designers, was repealed by Pub. L. 103–160, div. A, title VIII, §822(b)(3), Nov. 30, 1993, 107 Stat. 1706.

Amendments

2021—Pub. L. 116–283 renumbered section 2331 of this title as this section.

2001—Pub. L. 107–107 substituted "Procurement of services: contracts" for "Contracts" in section catchline.

1994—Subsec. (c). Pub. L. 103–355 struck out text and heading of subsec. (c). Text read as follows:

"(1) The Secretary of Defense may waive the limitation in section 2304(j)(4) of this title on the total value of task orders for specific contracting activities to the extent the Secretary considers the use of master agreements necessary in order to further the policy set forth in subsection (a).

"(2) During any fiscal year, such a waiver may not increase the total value of task orders under master agreements of a contracting activity by more than 20 percent of the value of all contracts for advisory and assistance services awarded by that contracting activity during fiscal year 1989.

"(3) Such a waiver shall not become effective until 60 days after the Secretary of Defense has published notice thereof in the Federal Register."

1991—Subsec. (c)(1). Pub. L. 102–25 struck out "on a case-by-case basis" after "value of task orders", substituted "considers the use of master agreements necessary" for "considers necessary the use of master agreements", and struck out "of this section" before period at end.

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

Effective Date of 1994 Amendment

For effective date and applicability of amendment by Pub. L. 103–355, see section 10001 of Pub. L. 103–355, set out as a note under section 8752 of this title.

Regulations

Pub. L. 101–510, div. A, title VIII, §834(b), Nov. 5, 1990, 104 Stat. 1614, provided that: "Not later than 180 days after the date of the enactment of this Act [Nov. 5, 1990], the Secretary of Defense shall publish for public comment new regulations to carry out the requirements in this section [enacting this section]. The Secretary shall promulgate final regulations to carry out such requirements not later than 270 days after the date of the enactment of this Act."

Provisions Not Affected by Pub. L. 103–355

Repeal of subsec. (c) of this section by Pub. L. 103–355 not to be construed as modifying or superseding, or as intended to impair or restrict, authorities or responsibilities under former 40 U.S.C. 759 or chapter 11 of Title 40, Public Buildings, Property, and Works, see section 1004(d) of Pub. L. 103–355, set out as a note preceding section 3401 of this title.

§4508. Contractor performance of acquisition functions closely associated with inherently governmental functions

(a) Limitation.—The head of an agency may enter into a contract for the performance of acquisition functions closely associated with inherently governmental functions only if the contracting officer for the contract ensures that—

(1) appropriate military or civilian personnel of the Department of Defense cannot reasonably be made available to perform the functions;

(2) appropriate military or civilian personnel of the Department of Defense are—

(A) to supervise contractor performance of the contract; and

(B) to perform all inherently governmental functions associated with the functions to be performed under the contract; and

(3) the agency addresses any potential organizational conflict of interest of the contractor in the performance of the functions under the contract, consistent with subpart 9.5 of part 9 of the Federal Acquisition Regulation and the best interests of the Department of Defense.

(b) Definitions.—In this section:

(1) The term "head of an agency" does not include the Secretary of Homeland Security or the Administrator of the National Oceanic and Atmospheric Administration.

(2) The term "inherently governmental functions" has the meaning given such term in subpart 7.5 of part 7 of the Federal Acquisition Regulation.

(3) The term "functions closely associated with inherently governmental functions" means the functions described in section 7.503(d) of the Federal Acquisition Regulation.

(4) The term "organizational conflict of interest" has the meaning given such term in subpart 9.5 of part 9 of the Federal Acquisition Regulation.

(Added Pub. L. 108–375, div. A, title VIII, §804(a)(1), Oct. 28, 2004, 118 Stat. 2007, §2383; renumbered §4508 and amended Pub. L. 116–283, div. A, title XVIII, §1856(g), (i), Jan. 1, 2021, 134 Stat. 4275.)

Editorial Notes

Prior Provisions

A prior section 4508, acts Aug. 10, 1956, ch. 1041, 70A Stat. 253; Nov. 2, 1966, Pub. L. 89–718, §27, 80 Stat. 1119, which related tests of iron, steel, and other materials, was repealed by Pub. L. 103–160, div. A, title VIII, §822(b)(3), Nov. 30, 1993, 107 Stat. 1706.

Amendments

2021—Pub. L. 116–283 renumbered section 2383 of this title as this section.

Subsec. (b)(1). Pub. L. 116–283, §1856(i), which directed striking out "has the meaning given in section 2302(1) of this title, except that such term", was executed by striking out "has the meaning given such term in section 2302(1) of this title, except that such term" before "does not include", to reflect the probable intent of Congress.

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

Effective Date

Pub. L. 108–375, div. A, title VIII, §804(b), Oct. 28, 2004, 118 Stat. 2008, provided that: "Section 2383 of title 10, United States Code [now 10 U.S.C. 4508] (as added by subsection (a)), shall apply to contracts entered into on or after the date of the enactment of this Act [Oct. 28, 2004]."

§4509. Contracts for advisory and assistance services: cost comparison studies

(a) Requirement.—(1)(A) Before the Secretary of Defense enters into a contract described in subparagraph (B), the Secretary shall determine whether Department of Defense personnel have the capability to perform the services proposed to be covered by the contract.

(B) Subparagraph (A) applies to any contract of the Department of Defense for advisory and assistance services that is expected to have a value in excess of $100,000.

(2) If the Secretary determines that Department of Defense personnel have the capability to perform the services to be covered by the contract, the Secretary shall conduct a study comparing the cost of performing the services with Department of Defense personnel and the cost of performing the services with contractor personnel.

(b) Waiver.—The Secretary of Defense may, pursuant to guidelines prescribed by the Secretary, waive the requirement to perform a cost comparison study under subsection (a)(2) based on factors that are not related to cost.

(Added Pub. L. 103–337, div. A, title III, §363(a)(1), Oct. 5, 1994, 108 Stat. 2733, §2410l; renumbered §4509, Pub. L. 116–283, div. A, title XVIII, §1856(g), Jan. 1, 2021, 134 Stat. 4275.)

Editorial Notes

Prior Provisions

A prior section 4531, act Aug. 10, 1956, ch. 1041, 70A Stat. 253, authorized Secretary of the Army to procure materials and facilities necessary to maintain and support the Army, prior to repeal by Pub. L. 103–160, div. A, title VIII, §823(2), Nov. 30, 1993, 107 Stat. 1707.

A prior section 4532 was renumbered section 7532 of this title.

Prior sections 4533 to 4535 were repealed by Pub. L. 103–160, div. A, title VIII, §823(3)–(5), Nov. 30, 1993, 107 Stat. 1707.

Section 4533, act Aug. 10, 1956, ch. 1041, 70A Stat. 254, related to purchases of army rations.

Section 4534, act Aug. 10, 1956, ch. 1041, 70A Stat. 254, related to subsistence supplies, contract stipulations, and place of delivery on inspection.

Section 4535, act Aug. 10, 1956, ch. 1041, 70A Stat. 254, provided that exceptional subsistence supplies could be purchased without advertising.

A prior section 4536 was renumbered section 7536 of this title.

Prior sections 4537 and 4538 were repealed by Pub. L. 103–160, div. A, title VIII, §823(6), (7), Nov. 30, 1993, 107 Stat. 1707.

Section 4537, acts Aug. 10, 1956, ch. 1041, 70A Stat. 254; Nov. 2, 1966, Pub. L. 89–718, §8(a), 80 Stat. 1117; Dec. 12, 1980, Pub. L. 96–513, title V, §512(14), 94 Stat. 2930, authorized Secretary of the Army to obtain assistance of United States mapping agencies in making and developing military surveys and maps.

Section 4538, acts Aug. 10, 1956, ch. 1041, 70A Stat. 255; Dec. 12, 1980, Pub. L. 96–513, title V, §512(15), 94 Stat. 2930, related to exchange and reclamation of unserviceable ammunition.

A prior section 4539, act Aug. 10, 1956, ch. 1041, 70A Stat. 255, provided for purchase of horses and mules in open market at Army posts, within maximum prices prescribed by Secretary of the Army, prior to repeal by Pub. L. 91–482, §1(a), Oct. 21, 1970, 84 Stat. 1082.

A prior section 4540 was renumbered section 7540 of this title.

Another prior section 4541 was renumbered section 7541 of this title.

Prior sections 4542 to 4544, 4551 to 4555, and 4561 to 4565 were renumbered sections 7542 to 7544, 7551 to 7555, and 7561 to 7565 of this title, respectively.

Amendments

2021—Pub. L. 116–283 renumbered section 2410l of this title as this section.

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

Effective Date

Pub. L. 103–337, div. A, title III, §363(c), Oct. 5, 1994, 108 Stat. 2734, provided that: "Section 2410l of title 10, United States Code [now 10 U.S.C. 4509], as added by subsection (a), shall take effect 180 days after the date of the enactment of this Act [Oct. 5, 1994]."

Procedures for Conduct of Studies

Pub. L. 103–337, div. A, title III, §363(b), Oct. 5, 1994, 108 Stat. 2734, provided that: "The Secretary of Defense shall prescribe the following procedures:

"(1) Procedures for carrying out a cost comparison study under subsection (a)(2) of section 2410l of title 10, United States Code [now 10 U.S.C. 4509(a)(2)], as added by subsection (a), which may contain a requirement that the cost comparison study include consideration of factors that are not related to cost, including the quality of the service required to be performed, the availability of Department of Defense personnel, the duration and recurring nature of the services to be performed, and the consistency of the workload.

"(2) Procedures for reviewing contracts entered into after a waiver under subsection (b) of such section to determine whether the contract is justified and sufficiently documented."

CHAPTER 343—[RESERVED]

        

Editorial Notes

Prior Provisions

A prior chapter 343 "ACQUISITION OF SERVICES", consisting of reserved section 4541, was repealed by Pub. L. 116–283, div. A, title XVIII, §1856(b), Jan. 1, 2021, 134 Stat. 4273.

Another prior chapter 343 was renumbered chapter 723 of this title.

Amendments

Pub. L. 117–81, div. A, title XVII, §1701(i)(9)(B), Dec. 27, 2021, 135 Stat. 2142, generally amended the text inserted by Pub. L. 116–283, div. A, title XVIII, §1856(j), Jan. 1, 2021, 134 Stat. 4276, which added this chapter, resulting in substitution of "[RESERVED]" for "ACQUISITION OF SERVICES OF CONTRACTORS PERFORMING PRIVATE SECURITY FUNCTIONS" in chapter heading and "[Reserved]" for "Contractors Performing Private Security Functions in Areas of Combat Operations or Other Significant Military Operations" in item for subchapter I and for "Standards and Certification for Private Security" in item for subchapter II.

SUBCHAPTER I—[RESERVED]

        

Editorial Notes

Amendments

Pub. L. 117–81, div. A, title XVII, §1701(i)(9)(B), Dec. 27, 2021, 135 Stat. 2142, generally amended the text inserted by Pub. L. 116–283, div. A, title XVIII, §1856(j), Jan. 1, 2021, 134 Stat. 4276, which added this subchapter, resulting in substitution of "[RESERVED]" for "CONTRACTORS PERFORMING PRIVATE SECURITY FUNCTIONS IN AREAS OF COMBAT OPERATIONS OR OTHER SIGNIFICANT MILITARY OPERATIONS" in subchapter heading and no change in item 4541.

SUBCHAPTER II—[RESERVED]

        

Editorial Notes

Amendments

Pub. L. 117–81, div. A, title XVII, §1701(i)(9)(B), Dec. 27, 2021, 135 Stat. 2142, generally amended the text inserted by Pub. L. 116–283, div. A, title XVIII, §1856(j), Jan. 1, 2021, 134 Stat. 4276, which added this subchapter, resulting in substitution of "[RESERVED]" for "STANDARDS AND CERTIFICATION FOR PRIVATE SECURITY CONTRACTORS" in subchapter heading and no change in item 4551.

CHAPTER 345—ACQUISITION OF INFORMATION TECHNOLOGY

        

Editorial Notes

Prior Provisions

A prior chapter 345 "ACQUISITION OF INFORMATION TECHNOLOGY", consisting of reserved section 4571, was repealed by Pub. L. 116–283, div. A, title XVIII, §1857(a), Jan. 1, 2021, 134 Stat. 4276.

Another prior chapter 345 was renumbered chapter 725 of this title.

Statutory Notes and Related Subsidiaries

Guidance on Acquisition of Business Systems

Pub. L. 114–92, div. A, title VIII, §883(e), Nov. 25, 2015, 129 Stat. 947, provided that: "The Secretary of Defense shall issue guidance for major automated information systems acquisition programs to promote the use of best acquisition, contracting, requirement development, systems engineering, program management, and sustainment practices, including—

"(1) ensuring that an acquisition program baseline has been established within two years after program initiation;

"(2) ensuring that program requirements have not changed in a manner that increases acquisition costs or delays the schedule, without sufficient cause and only after maximum efforts to reengineer business processes prior to changing requirements;

"(3) policies to evaluate commercial off-the-shelf business systems for security, resilience, reliability, interoperability, and integration with existing interrelated systems where such system integration and interoperability are essential to Department of Defense operations;

"(4) policies to work with commercial off-the-shelf business system developers and owners in adapting systems for Department of Defense use;

"(5) policies to perform Department of Defense legacy system audits to determine which systems are related to or rely upon the system to be replaced or integrated with commercial off-the-shelf business systems;

"(6) policies to perform full backup of systems that will be changed or replaced by the installation of commercial off-the-shelf business systems prior to installation and deployment to ensure reconstitution of the system to a functioning state should it become necessary;

"(7) policies to engage the research and development activities and laboratories of the Department of Defense to improve acquisition outcomes; and

"(8) policies to refine and improve developmental and operational testing of business processes that are supported by the major automated information systems."

Designation of Military Department Entity Responsible for Acquisition of Critical Cyber Capabilities

Pub. L. 114–92, div. A, title XVI, §1645, Nov. 25, 2015, 129 Stat. 1117, which required the Secretary of Defense to designate an entity within a military department to be responsible for the acquisition of certain critical cyber capabilities, was repealed by Pub. L. 117–263, div. A, title XV, §1509(j), Dec. 23, 2022, 136 Stat. 2890.

Supervision of the Acquisition of Cloud Computing Capabilities

Pub. L. 113–66, div. A, title IX, §938, Dec. 26, 2013, 127 Stat. 835, provided that:

"(a) Supervision.—

"(1) In general.—The Secretary of Defense shall, acting through the Under Secretary of Defense for Acquisition, Technology, and Logistics, the Under Secretary of Defense for Intelligence [now Under Secretary of Defense for Intelligence and Security], the Chief Information Officer of the Department of Defense, and the Chairman of the Joint Requirements Oversight Council, supervise the following:

"(A) Review, development, modification, and approval of requirements for cloud computing solutions for data analysis and storage by the Armed Forces and the Defense Agencies, including requirements for cross-domain, enterprise-wide discovery and correlation of data stored in cloud and non-cloud computing databases, relational and non-relational databases, and hybrid databases.

"(B) Review, development, modification, approval, and implementation of plans for the competitive acquisition of cloud computing systems or services to meet requirements described in subparagraph (A), including plans for the transition from current computing systems to systems or services acquired.

"(C) Development and implementation of plans to ensure that the cloud systems or services acquired pursuant to subparagraph (B) are interoperable and universally accessible and usable through attribute-based access controls.

"(D) Integration of plans under subparagraphs (B) and (C) with enterprise-wide plans of the Armed Forces and the Department of Defense for the Joint Information Environment and the Defense Intelligence Information Environment.

"(2) Direction.—The Secretary shall provide direction to the Armed Forces and the Defense Agencies on the matters covered by paragraph (1) by not later than March 15, 2014.

"(b) Integration With Intelligence Community Efforts.—The Secretary shall coordinate with the Director of National Intelligence to ensure that activities under this section are integrated with the Intelligence Community Information Technology Enterprise in order to achieve interoperability, information sharing, and other efficiencies.

"(c) Limitation.—The requirements of subparagraphs (B), (C), and (D) of subsection (a)(1) shall not apply to a contract for the acquisition of cloud computing capabilities in an amount less than $1,000,000.

"(d) Rule of Construction.—Nothing in this section shall be construed to alter or affect the authorities or responsibilities of the Director of National Intelligence under section 102A of the National Security Act of 1947 (50 U.S.C. 3024)."

§4571. Information technology acquisition: planning and oversight processes

(a) Establishment of Program.—The Secretary of Defense shall establish a program to improve the planning and oversight processes for the acquisition of major automated information systems by the Department of Defense.

(b) Program Components.—The program established under subsection (a) shall include—

(1) a documented process for information technology acquisition planning, requirements development and management, project management and oversight, earned value management, and risk management;

(2) the development of appropriate metrics that can be implemented and monitored on a real-time basis for performance measurement of—

(A) processes and development status of investments in major automated information system programs;

(B) continuous process improvement of such programs; and

(C) achievement of program and investment outcomes;

(3) a process to ensure that key program personnel have an appropriate level of experience, training, and education in the planning, acquisition, execution, management, and oversight of information technology systems;

(4) a process to ensure sufficient resources and infrastructure capacity for test and evaluation of information technology systems;

(5) a process to ensure that military departments and Defense Agencies adhere to established processes and requirements relating to the planning, acquisition, execution, management, and oversight of information technology programs and developments; and

(6) a process under which an appropriate Department of Defense official may intervene or terminate the funding of an information technology investment if the investment is at risk of not achieving major project milestones.

(Added Pub. L. 111–383, div. A, title VIII, §805(a)(1), Jan. 7, 2011, 124 Stat. 4259, §2223a; renumbered §4571 and amended Pub. L. 116–283, div. A, title XVIII, §1857(b), Jan. 1, 2021, 134 Stat. 4276.)

Editorial Notes

Amendments

2021—Pub. L. 116–283, §1857(b)(2), amended section catchline generally. Prior to amendment, section catchline read as follows: "Information technology acquisition planning and oversight requirements".

Pub. L. 116–283, §1857(b)(1), renumbered section 2223a of this title as this section.

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

Policies for Management and Certification of Link 16 Military Tactical Data Link Network

Pub. L. 118–31, div. A, title II, §228, Dec. 22, 2023, 137 Stat. 199, provided that:

"(a) Policies Required.—The Secretary of Defense shall develop and implement policies to adapt Link 16 system management and certification to align with agile development practices.

"(b) Elements.—The policies required by subsection (a) shall include the following:

"(1) A standardized process through a Chairman, Joint Chiefs of Staff Manual, to allow Link 16 frequency use within approved special use airspaces for the purpose of testing radio systems and associated software that have not completed electromagnetic compatibility features certification. Such process—

"(A) shall, at a minimum, ensure routine and continued approval for test operations of developmental systems in the Nevada Test and Training Range, Restricted Area 2508, Warning Area 151/470, Warning Area 386, and the Joint Pacific Alaska Range Complex; and

"(B) may incorporate standardized mitigations that enable routine approval including effective radiated power settings and coordination for rapid test termination.

"(2) Processes to streamline approval or denial of temporary frequency assignment for Link 16 operations to not more than 15 days for test, training, and large-scale exercises. In developing such processes, the Secretary of Defense—

"(A) shall ensure that the processes cover operations in excess of uncoordinated operations time slot duty factor limits, inclusion of foreign participants, and participation of non-stage 4 approved terminals or platforms; and

"(B) consider delegating sole authority for temporary frequency assignment to the Department of Defense and the automation of decision-making processes relating to such assignments.

"(3) Delegation of authority to the system manager for Link 16 to determine when new software within Department of Defense Link 16 terminals affects electromagnetic compatibility features and requires recertification.

"(4) The self-certification by the Department of Defense of the compliance of the Department's radios with electromagnetic compatibility features.

"(5) Processes to internally manage Link 16 uncoordinated operations that enable approval for test, training, and exercises that does not exceed 15 days for systems holding an active radio frequency authorization or temporary frequency assignment.

"(c) Information to Congress.—Not later than 180 days after the date of the enactment of this Act [Dec. 22, 2023], the Secretary of Defense shall provide to the congressional defense committees—

"(1) a briefing on the policies developed under subsection (a), along with a timeline for implementation of such policies; and

"(2) a list of such additional resources or authorities as the Secretary determines may be required to implement such policies.

"(d) Testing Required.—

"(1) In general.—In conjunction with the development of the policies required under subsection (a), the Secretary of Defense shall conduct, sponsor, or review testing and analysis that determines if any effects on air traffic systems are possible due to Link 16 terminals which have not completed electromagnetic compatibility features certification and quantifies any such effects. Such testing shall evaluate Link 16 transmission within plus or minus 7 megahertz of the 1030 and 1090 megahertz frequency bands to determine if effects on air traffic systems are possible, under what conditions such effects could occur, and the impact of such effects.

"(2) Report.—Not later than 180 days after the date of the enactment of this Act, the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report on the results of the testing conducted under paragraph (1), with an emphasis on procedures that the Secretary intends to implement to negate harmful effects on air traffic from the use of Link 16 terminals or platforms that have not completed electromagnetic compatibility features certification, within special use airspace."

Requirements for Deployment of Fifth Generation Information and Communications Capabilities to Military Installations and Other Department Facilities

Pub. L. 118–31, div. A, title XV, §1526, Dec. 22, 2023, 137 Stat. 557, provided that:

"(a) Requirements.—

"(1) Strategy for private wireless networks.—Not later than 120 days after the date of the enactment of this Act [Dec. 22, 2023], the Secretary of Defense shall develop and implement a strategy for deploying to military installations and other facilities of the Department of Defense private wireless networks that are—

"(A) based on fifth generation information and communications capabilities and Open Radio Access Network architecture; and

"(B) tailored to the mission, security, and performance requirements of the respective military installation or other facility.

"(2) Process for public wireless network service providers.—

"(A) Establishment.—The Secretary shall establish a Department-wide process under which a public wireless network service provider of fifth generation information and communications capabilities may gain access to a military installation or other facility of the Department to provide commercial subscriber services to military and civilian personnel of the Department (including contractor personnel) located at, and organizational elements of the Department maintained at, such installation or facility.

"(B) Design requirements.—In establishing the process under subparagraph (A), the Secretary shall ensure relevant system architectures and supporting infrastructure are designed to support modular upgrades to future generation technologies.

"(3) Determination relating to contract authority.—The Secretary shall determine, on a contract-by-contract basis or as a determination with uniform applicability to contracts across military installations and other facilities of the Department, whether to enter into a contract for—

"(A) neutral hosting, under which infrastructure and services would be provided to companies deploying private wireless networks and public wireless network services to such installation or other facility through multi-operator core network architectures; or

"(B) separate private wireless network and public wireless network infrastructure at such installation or other facility (which shall include a determination by the Secretary on how to establish roaming agreements and policies between such networks).

"(4) Briefing.—Not later than 150 days after the date of the enactment of this Act, the Secretary shall provide to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a briefing on the strategy developed under paragraph (1) and any other activity carried out pursuant to this subsection.

"(b) International Cooperation Activities.—The Secretary, using existing authorities available to the Secretary, may engage in cooperation activities with foreign allies and partners of the United States to—

"(1) improve the implementation of the strategy under subsection (a)(1); and

"(2) inform the deployment of private wireless networks to military installations and other facilities of the Department pursuant to such strategy.

"(c) Open Radio Access Network Architecture Defined.—In this section, the term 'Open Radio Access Network architecture' means a network architecture that is modular, uses open interfaces, and virtualizes functionality on commodity hardware through software."

Target Date for Deployment of 5G Wireless Broadband Infrastructure at All Military Installations

Pub. L. 117–263, div. A, title II, §221, Dec. 23, 2022, 136 Stat. 2478, provided that:

"(a) Target Required.—Not later than July 30, 2023, the Secretary of Defense shall—

"(1) establish a target date by which the Secretary plans to deploy 5G wireless broadband infrastructure at all military installations; and

"(2) establish metrics, which shall be identical for each of the military departments, to measure progress toward reaching the target required by paragraph (1).

"(b) Annual Report.—Not later than December 31, 2023, and on an annual basis thereafter until the date specified in subsection (c), the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report that includes—

"(1) the metrics in use pursuant to subsection (a)(2); and

"(2) the progress of the Secretary in reaching the target required by subsection (a)(1).

"(c) Termination.—The requirement to submit annual reports under subsection (b) shall terminate on the date that is five years after the date of the enactment of this Act [Dec. 23, 2022]."

Pilot Programs for Deployment of Telecommunications Infrastructure To Facilitate 5G Deployment on Military Installations

Pub. L. 117–81, div. A, title II, §233, Dec. 27, 2021, 135 Stat. 1614, provided that:

"(a) Plans.—

"(1) In general.—Not later than 180 days after enactment of this Act [Dec. 27, 2021], each Secretary of a military department shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a plan for a pilot program for the deployment of telecommunications infrastructure to facilitate the availability of fifth-generation wireless telecommunications services on military installations under the jurisdiction of the Secretary.

"(2) Plan elements.—Each plan submitted under paragraph (1) by a Secretary of a military department shall include, with respect to such military department, the following:

"(A) A list of military installations at which the pilot program will be carried out, including at least one military installation of the department.

"(B) A description of authorities that will be used to execute the pilot program.

"(C) A timeline for the implementation and duration of the pilot program.

"(D) The identity of each telecommunication carrier that intends to use the telecommunications infrastructure deployed pursuant to the pilot to provide fifth-generation wireless telecommunication services at each of the military installations listed under subparagraph (A).

"(E) An assessment of need for centralized processes and points of contacts to facilitate deployment of the telecommunications infrastructure.

"(b) Pilot Programs Required.—Not later than one year after the date of the enactment of this Act, each Secretary of a military department shall establish a pilot program in accordance with the plan submitted by the Secretary under subsection (a)(1).

"(c) Reports.—

"(1) In general.—Not later than 180 days after the date on which a Secretary of a military department commences a pilot program under subsection (b), and not less frequently than once every 180 days thereafter until the completion of the pilot program, the Secretary shall submit to the congressional defense committees a report on the pilot program.

"(2) Contents.—Each report submitted under paragraph (1) for a pilot program shall include the following:

"(A) A description of the status of the pilot program at each military installation at which the pilot program is carried out.

"(B) A description of the use of, and services provided by, telecommunications carriers of the telecommunications infrastructure at each military installation under the pilot program.

"(C) Such additional information as the Secretary of the military department considers appropriate.

"(d) Telecommunications Infrastructure Defined.—In this section, the term 'telecommunications infrastructure' includes, at a minimum, the following:

"(1) Macro towers.

"(2) Small cell poles.

"(3) Distributed antenna systems.

"(4) Dark fiber.

"(5) Power solutions."

Legacy Information Technologies and Systems Accountability

Pub. L. 117–81, div. A, title XV, §1522, Dec. 27, 2021, 135 Stat. 2041, provided that:

"(a) In General.—Not later than 270 days after the date of the enactment of this Act [Dec. 27, 2021], the Secretaries of the Army, Navy, and Air Force shall each initiate efforts to identify legacy applications, software, and information technology within their respective Departments and eliminate any such application, software, or information technology that is no longer required.

"(b) Specifications.—To carry out subsection (a), that Secretaries of the Army, Navy, and Air Force shall each document the following:

"(1) An identification of the applications, software, and information technologies that are considered active or operational, but which are judged to no longer be required by the respective Department.

"(2) Information relating to the sources of funding for the applications, software, and information technologies identified pursuant to paragraph (1).

"(3) An identification of the senior official responsible for each such application, software, or information technology.

"(4) A plan to discontinue use and funding for each such application, software, or information technology.

"(c) Exemption.—Any effort substantially similar to that described in subsections (a) and (b) that is being carried out by the Secretary of the Army, Navy, or Air Force as of the date of the enactment of this Act and completed not later 180 days after such date shall be treated as satisfying the requirements under such subsections.

"(d) Report.—Not later than 270 days after the date of the enactment of this Act, the Secretaries of the Army, Navy, and Air Force shall each submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] the documentation required under subsection (b)."

Governance of Fifth-Generation Wireless Networking in the Department of Defense

Pub. L. 116–283, div. A, title II, §224, Jan. 1, 2021, 134 Stat. 3472, provided that:

"(a) Transition of 5G Wireless Networking to Operational Use.—

"(1) Transition plan required.—The Under Secretary of Defense for Research and Engineering, in consultation with the cross functional team established under subsection (c), shall develop a plan to transition fifth-generation (commonly known as '5G') wireless technology to operational use within the Department of Defense.

"(2) Elements.—The transition plan under paragraph (1) shall include the following:

"(A) A timeline for the transition of responsibility for 5G wireless networking to the Chief Information Officer, as required under subsection (b)(1).

"(B) A description of the roles and responsibilities of the organizations and elements of the Department of Defense with respect to the acquisition, sustainment, and operation of 5G wireless networking for the Department, as determined by the Secretary of Defense in accordance with subsection (d).

"(3) Interim briefing.—Not later than March 31, 2021[,] the Secretary of Defense shall provide to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a briefing on the status of the plan required under paragraph (1).

"(4) Final report.—Not later than September 30, 2021, the Secretary of Defense shall submit to the congressional defense committees a report that includes the plan developed under paragraph (1).

"(b) Senior Official for 5G Wireless Networking.—

"(1) Designation of chief information officer.—Not later than October 1, 2023, the Secretary of Defense shall designate the Chief Information Officer as the senior official within Department of Defense with primary responsibility for—

"(A) policy, oversight, guidance, research, and coordination on matters relating to 5G wireless networking; and

"(B) making proposals to the Secretary on governance, management, and organizational policy for 5G wireless networking.

"(2) Role of under secretary of defense for research and engineering.—The Under Secretary of Defense for Research and Engineering shall carry out the responsibilities specified in paragraph (1) until the date on which the Secretary of Defense designates the Chief Information Officer as the senior official responsible for 5G wireless networking under such paragraph.

"(c) Cross-functional Team for 5G Wireless Networking.—

"(1) Establishment.—Using the authority provided under section 911(c) of the National Defense Authorization Act for Fiscal Year 2017 (Public Law 114–328; 10 U.S.C. 111 note), the Secretary of Defense shall establish a cross-functional team for 5G wireless networking.

"(2) Duties.—The duties of the cross-functional team established under paragraph (1) shall be—

"(A) to assist the Secretary of Defense in determining the roles and responsibilities of the organizations and elements of the Department of Defense with respect to the acquisition, sustainment, and operation of 5G wireless networking, as required under subsection (d);

"(B) to assist the senior official responsible for 5G wireless networking in carrying out the responsibilities assigned to such official under subsection (b);

"(C) to oversee the implementation of the strategy developed under section 254 of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116–92; 10 U.S.C. 2223a note [now 10 U.S.C. 4571 note]) for harnessing 5G wireless networking technologies, coordinated across all relevant elements of the Department;

"(D) to advance the adoption of commercially available, next-generation wireless communication technologies, capabilities, security, and applications by the Department and the defense industrial base; and

"(E) to support public-private partnerships between the Department and industry on matters relating to 5G wireless networking;

"(F) to coordinate research and development, implementation and acquisition activities, warfighting concept development, spectrum policy, industrial policy and commercial outreach and partnership relating to 5G wireless networking in the Department, and interagency and international engagement;

"(G) to integrate the Department's 5G wireless networking programs and policies with major initiatives, programs, and policies of the Department relating to secure microelectronics and command and control; and

"(H) to oversee, coordinate, execute, and lead initiatives to advance 5G wireless network technologies and associated applications developed for the Department.

"(3) Team leader.—The Under Secretary of Defense for Research and Engineering shall lead the cross-functional team established under paragraph (1) until the date on which the Secretary of Defense designates the Chief Information Officer as the senior official responsible for 5G wireless networking as required under subsection (b)(1). Beginning on the date of such designation, the Chief Information Officer shall lead the cross functional team.

"(d) Determination of Organizational Roles and Responsibilities.—The Secretary of Defense, acting through the cross-functional team established under subsection (c), shall determine the roles and responsibilities of the organizations and elements of the Department of Defense with respect to the acquisition, sustainment, and operation of 5G wireless networking for the Department, including the roles and responsibilities of the Office of the Secretary of Defense, the intelligence components of the Department, Defense Agencies and Department of Defense Field Activities, the Armed Forces, combatant commands, and the Joint Staff.

"(e) Briefing.—Not later than 90 days after the date of the enactment of this Act [Jan. 1, 2021], the Secretary of Defense shall submit to the congressional defense committees a briefing on the progress of the Secretary in—

"(1) establishing the cross-functional team under subsection (c); and

"(2) determining the roles and responsibilities of the organizations and elements of the Department of Defense with respect to 5G wireless networking as required under subsection (d).

"(f) 5G Procurement Decisions.—Each Secretary of a military department shall be responsible for decisions relating to the procurement of 5G wireless technology for that department.

"(g) Telecommunications Security Program.—

"(1) Program required.—The Secretary of Defense shall carry out a program to identify and mitigate vulnerabilities in the 5G telecommunications infrastructure of the Department of Defense.

"(2) Elements.—In carrying out the program under paragraph (1), the Secretary shall—

"(A) develop a capability to communicate clearly and authoritatively about threats by foreign adversaries;

"(B) conduct independent red-team security analysis of systems, subsystems, devices, and components of the Department of Defense including no-knowledge testing and testing with limited or full knowledge of expected functionalities;

"(C) verify the integrity of personnel who are tasked with design fabrication, integration, configuration, storage, test, and documentation of noncommercial 5G technology to be used by the Department;

"(D) verify the efficacy of the physical security measures used at Department locations where system design, fabrication, integration, configuration, storage, test, and documentation of 5G technology occurs;

"(E) direct the Chief Information Officer to assess, using existing government evaluation models and schema where applicable, 5G core service providers whose services will be used by the Department through the Department's provisional authorization process; and

"(F) direct the Defense Information Systems Agency and the United States Cyber Command to develop a capability for continuous, independent monitoring of non-commercial, government-transiting packet streams for 5G data on frequencies assigned to the Department to validate the availability, confidentiality, and integrity of the Department's communications systems.

"(3) Implementation plan.—Not later than 90 days after the date of the enactment of this Act [Jan. 1, 2021], the Secretary of Defense shall submit to Congress a plan for the implementation of the program under paragraph (1).

"(4) Report.—Not later than 270 days after submitting the plan under paragraph (3), the Secretary of Defense shall submit to Congress a report that includes—

"(A) a comprehensive assessment of the findings and conclusions of the program under paragraph (1);

"(B) recommendations on how to mitigate vulnerabilities in the telecommunications infrastructure of the Department of Defense; and

"(C) an explanation of how the Department plans to implement such recommendations.

"(h) Rule of Construction.—

"(1) In general.—Nothing in this section shall be construed as providing the Chief Information Officer immediate responsibility for the activities of the Department of Defense in fifth-generation wireless networking experimentation and science and technology development.

"(2) Purview of experimentation and science and technology development.—The activities described in paragraph (1) shall remain within the purview of the Under Secretary of Defense for Research and Engineering, but shall inform and be informed by the activities of the cross-functional team established pursuant to subsection (c)."

Demonstration Project on Use of Certain Technologies for Fifth-Generation Wireless Networking Services

Pub. L. 116–283, div. A, title II, §225, Jan. 1, 2021, 134 Stat. 3475, provided that:

"(a) Demonstration Project.—The Secretary of Defense shall carry out a demonstration project to evaluate the maturity, performance, and cost of covered technologies to provide additional options for providers of fifth-generation wireless network services.

"(b) Location.—The Secretary of Defense shall carry out the demonstration project under subsection (a) in at least one location where the Secretary plans to deploy a fifth-generation wireless network.

"(c) Coordination.—The Secretary shall carry out the demonstration project under subsection (a) in coordination with at least one major wireless network service provider based in the United States.

"(d) Covered Technologies Defined.—In this section, the term 'covered technologies' means—

"(1) a disaggregated or virtualized radio access network and core in which components can be provided by different vendors and interoperate through open protocols and interfaces, including those protocols and interfaces utilizing the Open Radio Access Network (commonly known as 'Open RAN' or 'oRAN') approach; and

"(2) one or more massive multiple-input, multiple-output radio arrays, provided by one or more companies based in the United States, that have the potential to compete favorably with radios produced by foreign companies in terms of cost, performance, and efficiency."

Pilot Program on the Use of Consumption-Based Solutions To Address Software-Intensive Warfighting Capability

Pub. L. 116–283, div. A, title VIII, §834, Jan. 1, 2021, 134 Stat. 3754, provided that:

"(a) In General.—Subject to the availability of appropriations, the Secretary of Defense is authorized to establish a pilot program to explore the use of consumption-based solutions to address software-intensive warfighting capability.

"(b) Selection of Initiatives.—Each Secretary of a military department and each commander of a combatant command with acquisition authority shall propose for selection by the Secretary of Defense for the pilot program at least one and not more than three initiatives that are well-suited to explore consumption-based solutions, to include addressing software-intensive warfighting capability. The initiatives may be new or existing programs of record, and may include applications that—

"(1) rapidly analyze sensor data;

"(2) secure warfighter networks, including multilevel security;

"(3) swiftly transport information across various networks and network modalities;

"(4) enable joint all-domain operational concepts, including in a contested environment; or

"(5) advance military capabilities and effectiveness.

"(c) Requirements.—A contract or other agreement for consumption-based solutions entered into under the pilot program shall require—

"(1) the effectiveness of the solution to be measurable at regular intervals customary for the type of solution provided under contract or other agreement; and

"(2) that the awardee notify the Secretary of Defense when consumption under the contract or other agreement reaches 75 percent and 90 percent of the funded amount, respectively, of the contract or other agreement.

"(d) Exemption.—A modification to a contract or other agreement entered into under this section to add new features or capabilities in an amount less than or equal to 25 percent of the total value of such contract or other agreement shall be exempt from the requirements of full and open competition (as defined in section 2302 of title 10, United States Code [see 10 U.S.C. 3011]).

"(e) Duration.—The duration of a contract or other agreement entered into under this section may not exceed three years.

"(f) Monitoring and Evaluation of Pilot Program.—The Director of Cost Assessment and Program Evaluation shall continuously monitor and evaluate the pilot program, including by collecting data on cost, schedule, and performance from the program office, the user community, and the awardees involved in the program.

"(g) Reports.—

"(1) Initial report.—Not later than May 15, 2021, the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report on initiatives selected for the pilot program, roles, and responsibilities for implementing the program, and the monitoring and evaluation approach that will be used for the program.

"(2) Progress report.—Not later than October 15, 2021, the Secretary of Defense shall submit to the congressional defense committees a report on the progress of the initiatives selected for the pilot program.

"(3) Final report.—Not later than 3 years after the date of the enactment of this Act [Jan. 1, 2021], the Secretary of Defense shall submit to the congressional defense committees a report on the cost, schedule, and performance outcomes of the initiatives carried out under the pilot program. The report shall also include lessons learned about the use of consumption-based solutions for software-intensive capabilities and any recommendations for statutory or regulatory changes to facilitate the use of such solutions.

"(h) Consumption-based Solution Defined.—In this section, the term 'consumption-based solution' means any combination of software, hardware or equipment, and labor or services that provides a seamless capability that is metered and billed based on actual usage and predetermined pricing per resource unit, and includes the ability to rapidly scale capacity up or down."

Balancing Security and Innovation in Software Development and Acquisition

Pub. L. 116–283, div. A, title VIII, §835, Jan. 1, 2021, 134 Stat. 3755, provided that:

"(a) Requirements for Solicitations of Commercial and Developmental Solutions.—The Under Secretary of Defense for Acquisition and Sustainment, in coordination with the Chief Information Officer of the Department of Defense, shall develop requirements for appropriate software security criteria to be included in solicitations for commercial and developmental solutions and the evaluation of bids submitted in response to such solicitations, including a delineation of what processes were or will be used for a secure software development life cycle. Such requirements shall include—

"(1) establishment and enforcement of secure coding practices;

"(2) management of supply chain risks and third-party software sources and component risks;

"(3) security of the software development environment;

"(4) secure deployment, configuration, and installation processes; and

"(5) an associated vulnerability management plan and identification of tools that will be applied to achieve an appropriate level of security.

"(b) Security Review of Code.—The Under Secretary of Defense for Acquisition and Sustainment, in coordination with the Chief Information Officer of the Department of Defense, shall develop—

"(1) procedures for the security review of code; and

"(2) other procedures necessary to fully implement the pilot program required under section 875 of the National Defense Authorization Act for Fiscal Year 2018 (Public Law 115–91; 10 U.S.C. 2223 note).

"(c) Coordination With Cybersecurity Acquisition Policy Efforts.—The Under Secretary of Defense for Acquisition and Sustainment shall develop the requirements and procedures described under subsections (a) and (b) in coordination with the efforts of the Department of Defense to develop new cybersecurity and program protection policies and guidance that are focused on cybersecurity in the context of acquisition and program management and on safeguarding information."

Establishment of Secure Next-Generation Wireless Network (5G) Infrastructure for the Nevada Test and Training Range and Base Infrastructure

Pub. L. 116–92, div. A, title II, §226, Dec. 20, 2019, 133 Stat. 1269, provided that:

"(a) Establishment Required.—Not later than one year after the date of the enactment of this Act [Dec. 20, 2019], the Secretary of Defense shall establish secure fifth-generation wireless network components and capabilities at no fewer than two Department of Defense installations in accordance with this section.

"(b) Installations.—

"(1) Locations.—The Secretary shall establish components and capabilities under subsection (a) at the following:

"(A) The Nevada Test and Training Range, which shall serve as a Major Range and Test Facility Base (MRTFB) for fifth-generation wireless networking.

"(B) Such Department installations or other installations as the Secretary considers appropriate for the purpose set forth in paragraph (2).

"(2) Purpose.—The purpose of the establishment of components and capabilities under subsection (a) at the locations described in paragraph (1) of this subsection is to demonstrate the following:

"(A) The potential military utility of high bandwidth, scalable, and low latency fifth-generation wireless networking technology.

"(B) Advanced security technology that is applicable to fifth-generation networks as well as legacy Department command and control networks.

"(C) Secure interoperability with fixed and wireless systems (legacy and future systems).

"(D) Enhancements such as spectrum and waveform diversity, frequency hopping and spreading, and beam forming for military requirements.

"(E) Technology for dynamic network slicing for specific use cases and applications requiring varying levels of latency, scale, and throughput.

"(F) Technology for dynamic spectrum sharing and network isolation.

"(G) Base infrastructure installation of high bandwidth, scalable, and low latency fifth-generation wireless networking technology.

"(H) Applications for secure fifth-generation wireless network capabilities for the Department, such as the following:

"(i) Interactive augmented reality or synthetic training environments.

"(ii) Internet of things devices.

"(iii) Autonomous systems.

"(iv) Advanced manufacturing through the following:

     "(I) Department-sponsored centers for manufacturing innovation (as defined in section 34(c) of the National Institute of Standards and Technology Act (15 U.S.C. 278s(c))).

     "(II) Department research and development organizations.

     "(III) Manufacturers in the defense industrial base of the United States."

Digital Engineering Capability To Automate Testing and Evaluation

Pub. L. 116–92, div. A, title II, §231, Dec. 20, 2019, 133 Stat. 1274, provided that:

"(a) Digital Engineering Capability.—

"(1) In general.—The Secretary of Defense shall establish a digital engineering capability to be used—

"(A) for the development and deployment of digital engineering models for use in the defense acquisition process; and

"(B) to provide testing infrastructure and software to support automated approaches for testing, evaluation, and deployment throughout the defense acquisition process.

"(2) Requirements.—The capability developed under subsection (a) shall meet the following requirements:

"(A) The capability will be accessible to, and useable by, individuals throughout the Department of Defense who have responsibilities relating to capability design, development, testing, evaluation, and operation.

"(B) The capability will provide for the development, validation, use, curation, and maintenance of technically accurate digital systems, models of systems, subsystems, and their components, at the appropriate level of fidelity to ensure that test activities adequately simulate the environment in which a system will be deployed.

"(C) The capability will include software to automate testing throughout the program life cycle, including to satisfy developmental test requirements and operational test requirements. Such software may be developed in accordance with the authorities provided under section 800 [of Pub. L. 116–92, set out as a note below], and shall support—

"(i) security testing that includes vulnerability scanning and penetration testing performed by individuals, including threat-based red team exploitations and assessments with zero-trust assumptions; and

"(ii) high-confidence distribution of software to the field on a time-bound, repeatable, frequent, and iterative basis.

"(b) Demonstration Activities.—

"(1) In general.—In developing the capability required under subsection (a), the Secretary of Defense shall carry out activities to demonstrate digital engineering approaches to automated testing that—

"(A) enable continuous software development and delivery;

"(B) satisfy developmental test requirements for the software-intensive programs of the Department of Defense; and

"(C) satisfy operational test and evaluation requirements for such programs.

"(2) Program selection.—Not later than 180 days after the date of the enactment of this Act [Dec. 20, 2019], the Secretary of Defense shall assess and select not fewer than four and not more than ten programs of the Department of Defense to participate in the demonstration activities under paragraph (1), including—

"(A) at least one program participating in the pilot program authorized under section 873 of the National Defense Authorization Act for Fiscal Year 2018 (Public Law 115–91; 10 U.S.C. 2223a note [now former 10 U.S.C. 4571 note]);

"(B) at least one program participating in the pilot program authorized under section 874 of such Act (Public Law 115–91; 10 U.S.C. 2302 note);

"(C) at least one major defense acquisition program (as defined in section 2430 of title 10, United States Code [now 10 U.S.C. 4201]);

"(D) at least one command and control program;

"(E) at least one defense business system (as defined in section 2222(i) of title 10, United States Code); and

"(F) at least one program from each military service.

"(3) Additional requirements.—As part of the demonstration activities under paragraph (1), the Secretary shall—

"(A) conduct a comparative analysis that assesses the risks and benefits of the digital engineering supported automated testing approaches of the programs participating in the demonstration activities relative to traditional testing approaches that are not supported by digital engineering;

"(B) ensure that the intellectual property strategy for each of the programs participating in the demonstration activities is best aligned to meet the goals of the program; and

"(C) develop a workforce and infrastructure plan to support any new policies and guidance implemented in connection with the demonstration activities, including any policies and guidance implemented after the completion of such activities.

"(c) Policies and Guidance Required.—Not later than one year after the date of the enactment of this Act [Dec. 20, 2019], based on the results of the demonstration activities carried out under subsection (b), the Secretary of Defense shall issue or modify policies and guidance to—

"(1) promote the use of digital engineering capabilities for development and for automated testing; and

"(2) address roles, responsibilities, and procedures relating to such capabilities.

"(d) Steering Committee.—

"(1) In general.—The Secretary of Defense shall establish a steering committee to assist the Secretary in carrying out subsections (a) through (c).

"(2) Membership.—The steering committee shall be composed of the following members or their designees:

"(A) The Under Secretary of Defense for Research and Engineering.

"(B) The Under Secretary of Defense for Acquisition and Sustainment.

"(C) The Chief Information Officer.

"(D) The Director of Operational Test and Evaluation.

"(E) The Director of Cost Assessment and Program Evaluation.

"(F) The Service Acquisition Executives.

"(G) The Service testing commands.

"(H) The Director of the Defense Digital Service.

"(e) Reports Required.—

"(1) Implementation.—Not later than March 15, 2020, the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report on the progress of the Secretary in implementing subsections (a) through (c). The report shall include an explanation of how the results of the demonstration activities carried out under subsection (b) will be incorporated into the policy and guidance required under subsection (c), particularly the policy and guidance of the members of the steering committee established under subsection (d).

"(2) Legislative recommendations.—Not later than October 15, 2020, the Secretary of Defense shall provide to the congressional defense committees a briefing that identifies any changes to existing law that may be necessary to facilitate the implementation of subsections (a) through (c).

"(f) Independent Assessment.—

"(1) In general.—Not later than March 15, 2021, the Defense Innovation Board and the Defense Science Board shall jointly complete an independent assessment of the progress of the Secretary in implementing subsections (a) through (c). The Secretary of Defense shall ensure that the Defense Innovation Board and the Defense Science Board have access to the resources, data, and information necessary to complete the assessment.

"(2) Information to congress.—Not later than 30 days after the date on which the assessment under paragraph (1) is completed, the Defense Innovation Board and the Defense Science Board shall jointly provide to the congressional defense committees—

"(A) a report summarizing the assessment; and

"(B) a briefing on the findings of the assessment."

Strategy and Implementation Plan for Fifth Generation Information and Communications Technologies

Pub. L. 116–92, div. A, title II, §254, Dec. 20, 2019, 133 Stat. 1287, as amended by Pub. L. 117–263, div. A, title II, §232, Dec. 23, 2022, 136 Stat. 2486, provided that:

"(a) In General.—Not later than 270 days after the date of the enactment of this Act [Dec. 20, 2019], the Secretary of Defense shall develop—

"(1) a strategy for harnessing fifth generation (commonly known as '5G') information and communications technologies to enhance military capabilities, maintain a technological advantage on the battlefield, and accelerate the deployment of new commercial products and services enabled by 5G networks throughout the Department of Defense; and

"(2) a plan for implementing the strategy developed under paragraph (1).

"(b) Elements.—The strategy required under subsection (a) shall include the following elements:

"(1) Adoption and use of secure fourth generation (commonly known as '4G') communications technologies and the transition to advanced and secure 5G communications technologies for military applications and for military infrastructure.

"(2) Science, technology, research, and development efforts to facilitate the advancement and adoption of 5G technology and new uses of 5G systems, subsystems, and components, including—

"(A) 5G testbeds for developing military and dual-use applications; and

"(B) spectrum-sharing technologies and frameworks.

"(3) Strengthening engagement and outreach with industry, academia, international partners, and other departments and agencies of the Federal Government on issues relating to 5G technology and the deployment of such technology, including development of a common industrial base for secure microelectronics.

"(4) Defense industrial base supply chain risk, management, and opportunities.

"(5) Preserving the ability of the Joint Force to achieve objectives in a contested and congested spectrum environment.

"(6) Strengthening the ability of the Joint Force to conduct full spectrum operations that enhance the military advantages of the United States.

"(7) Securing the information technology and weapon systems of the Department against malicious activity.

"(8) Advancing the deployment of secure 5G networks nationwide.

"(9) Such other matters as the Secretary of Defense determines to be relevant.

"(c) Consultation.—In developing the strategy and implementation plan required under subsection (a), the Secretary of Defense shall consult with the following:

"(1) The Chief Information Officer of the Department of Defense.

"(2) The Under Secretary of Defense for Research and Engineering.

"(3) The Under Secretary of Defense for Acquisition and Sustainment.

"(4) The Under Secretary of Defense for Intelligence [now Under Secretary of Defense for Intelligence and Security].

"(5) Service Acquisition Executives of each military service.

"(d) Periodic Briefings.—

"(1) In general.—Not later than March 15, 2020, and not less frequently than once every three months thereafter through December 1, 2026, the Secretary of Defense shall provide to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a briefing on the development and implementation of the strategy required under subsection (a), including an explanation of how the Department of Defense—

"(A) is using secure 5G wireless network technology;

"(B) is reshaping the Department's policy for producing and procuring secure microelectronics; and

"(C) is working in the interagency and internationally to develop common policies and approaches.

"(2) Elements.—Each briefing under paragraph (1) shall include information on—

"(A) efforts to ensure a secure supply chain for 5G wireless network equipment and microelectronics;

"(B) the continued availability of electromagnetic spectrum for warfighting needs;

"(C) planned implementation of 5G wireless network infrastructure in warfighting networks, base infrastructure, defense-related manufacturing, and logistics;

"(D) steps taken to work with allied and partner countries to protect critical networks and supply chains; and

"(E) such other topics as the Secretary of Defense considers relevant."

Department-Wide Software Science and Technology Strategy

Pub. L. 116–92, div. A, title II, §255, Dec. 20, 2019, 133 Stat. 1288, as amended by Pub. L. 117–81, div. A, title II, §§212(c)(1), 215(d)(10), Dec. 27, 2021, 135 Stat. 1588, 1594, provided that:

"(a) Designation of Senior Official.—Not later than 180 days after the date of the enactment of this Act [Dec. 20, 2019], the Secretary of Defense, acting through the Under Secretary of Defense for Research and Engineering and in consultation with the Under Secretary of Defense for Acquisition and Sustainment and appropriate public and private sector organizations, shall designate a single official or existing entity within the Department of Defense as the official or entity (as the case may be) with principal responsibility for guiding the development of science and technology activities related to next generation software and software reliant systems for the Department, including—

"(1) research and development activities on new technologies for the creation of highly secure, scalable, reliable, time-sensitive, and mission-critical software;

"(2) research and development activities on new approaches and tools to software development and deployment, testing, integration, and next generation software management tools to support the rapid insertion of such software into defense systems;

"(3) foundational scientific research activities to support advances in software;

"(4) technical workforce and infrastructure to support defense science and technology and software needs and mission requirements;

"(5) providing capabilities, including technologies, systems, and technical expertise to support improved acquisition of software reliant business and warfighting systems; and

"(6) providing capabilities, including technologies, systems, and technical expertise to support defense operational missions which are reliant on software.

"(b) Development of Strategy.—The official or entity designated under subsection (a) shall develop a Department-wide strategy for the research and development of next generation software and software reliant systems for the Department of Defense, including strategies for—

"(1) types of software-related activities within the science and technology portfolio of the Department;

"(2) investment in new approaches to software development and deployment, and next generation management tools;

"(3) ongoing research and other support of academic, commercial, and development community efforts to innovate the software development, engineering, and testing process, automated testing, assurance and certification for safety and mission critical systems, large scale deployment, and sustainment;

"(4) to the extent practicable, implementing or continuing the implementation of the recommendations set forth in—

"(A) the final report of the Defense Innovation Board submitted to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] under section 872 of the National Defense Authorization Act for Fiscal Year 2018 (Public Law 115–91; 131 Stat. 1497);

"(B) the final report of the Defense Science Board Task Force on the Design and Acquisition of Software for Defense Systems described in section 868 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Public Law 115–232; 10 U.S.C. 2223[a] note [now 10 U.S.C. 4571 note]); and

"(C) other relevant studies on software research, development, and acquisition activities of the Department of Defense.

"(5) supporting the acquisition, technology development, testing, assurance, and certification and operational needs of the Department through the development of capabilities, including personnel and research and production infrastructure, and programs in—

"(A) the science and technology reinvention laboratories (as designated under section 4121(b) of title 10, United States Code);

"(B) the facilities of the Major Range and Test Facility Base (as defined in section 2358a(g) of title 10, United States Code [now 10 U.S.C. 4091(f)]);

"(C) the Defense Advanced Research Projects Agency; and

"(D) universities, federally funded research and development centers, and service organizations with activities in software engineering; and

"(6) the transition of relevant capabilities and technologies to relevant programs of the Department, including software-reliant cyber-physical systems, tactical systems, enterprise systems, and business systems.

"(c) Submittal to Congress.—Not later than one year after the date of the enactment of this Act [Dec. 20, 2019], the official or entity designated under subsection (a) shall submit to the congressional defense committees the strategy developed under subsection (b)."

Authority for Continuous Integration and Delivery of Software Applications and Upgrades to Embedded Systems

Pub. L. 116–92, div. A, title VIII, §800, Dec. 20, 2019, 133 Stat. 1478, provided that:

"(a) Software Acquisition and Development Pathways.—The Secretary of Defense shall establish pathways as described under subsection (b) to provide for the efficient and effective acquisition, development, integration, and timely delivery of secure software. Such a pathway shall include the following:

"(1) Use of proven technologies and solutions.—A pathway established under this section shall provide for the use of proven technologies and solutions to continuously engineer and deliver capabilities in software.

"(2) Use of authority.—In using the authority under this section, the Secretary shall consider how such use will—

"(A) initiate the engineering of new software capabilities quickly;

"(B) demonstrate the viability and effectiveness of such capabilities for operational use not later than one year after the date on which funds are first obligated to acquire or develop software; and

"(C) allow for the continuous updating and delivery of new capabilities not less frequently than annually to iteratively meet a requirement.

"(3) Treatment not as major defense acquisition program.—Software acquired or developed using the authority under this section shall not be treated as a major defense acquisition program for purposes of section 2430 of title 10, United States Code [now 10 U.S.C. 4201], or Department of Defense Directive 5000.01 without the specific direction of the Under Secretary of Defense for Acquisition and Sustainment or a Senior Acquisition Executive.

"(4) Risk-based approach.—The Secretary of Defense shall use a risk-based approach for the consideration of innovative technologies and new capabilities for software to be acquired or developed under this authority to meet needs communicated by the Joint Chiefs of Staff and the combatant commanders.

"(b) Pathways.—The Secretary of Defense may establish as many pathways as the Secretary determines appropriate and shall establish the following pathways:

"(1) Applications.—The applications software acquisition pathway shall provide for the use of rapid development and implementation of applications and other software or software improvements operated by the Department of Defense, which may include applications running on commercial commodity hardware (including modified hardware) and commercially available cloud computing platforms.

"(2) Embedded systems.—The embedded systems software acquisition pathway shall provide for the rapid development and insertion of upgrades and improvements for software embedded in weapon systems and other military-unique hardware systems.

"(c) Expedited Process.—

"(1) In general.—A pathway established under subsection (a) shall provide for—

"(A) a streamlined and coordinated requirements, budget, and acquisition process to support rapid fielding of software applications and of software upgrades to embedded systems for operational use in a period of not more than one year from the time that the process is initiated;

"(B) the collection of data on software fielded; and

"(C) continuous engagement with the users of software to support engineering activities, and to support delivery of software for operational use in periods of not more than one year.

"(2) Expedited software requirements process.—

"(A) Inapplicability of joint capabilities integration and development system (jcids) manual.—Software acquisition or development conducted under the authority of this section shall not be subject to the Joint Capabilities Integration and Development System Manual, except pursuant to a modified process specifically provided for the acquisition or development of software by the Vice Chairman of the Joint Chiefs of Staff, in consultation with Under Secretary of Defense for Acquisition and Sustainment and each service acquisition executive (as defined in section 101(a)(10) of title 10, United States Code).

"(B) Inapplicability of defense acquisition system directive.—Software acquisition or development conducted under the authority of this section shall not be subject to Department of Defense Directive 5000.01, except when specifically provided for the acquisition or development of software by the Under Secretary of Defense for Acquisition and Sustainment, in consultation with the Vice Chairman of the Joint Chiefs of Staff and each service acquisition executive.

"(d) Elements.—In implementing a pathway established under the authority of this section, the Secretary shall tailor requirements relating to—

"(1) iterative development of requirements for software to be acquired or developed under the authority of this section through engagement with the user community and through the use of operational user feedback, in order to continuously define and update priorities for such requirements;

"(2) early identification of the warfighter or user need, including the rationale for how software capabilities will support increased lethality and efficiency, and identification of a relevant user community;

"(3) initial contract requirements and format, including the use of summary-level lists of problems and shortcomings in existing software and desired features or capabilities of new or upgraded software;

"(4) continuous refinement and prioritization of contract requirements through use of evolutionary processes, informed by continuous engagement with operational users throughout the development and implementation period;

"(5) continuous consideration of issues related to lifecycle costs, technical data rights, and systems interoperability;

"(6) planning for support of software capabilities in cases where the software developer may stop supporting the software;

"(7) rapid contracting procedures, including expedited timeframes for making awards, selecting contract types, defining teaming arrangements, and defining options;

"(8) program execution processes, including supporting development and test infrastructure, automation and tools, digital engineering, data collection and sharing with Department of Defense oversight organizations and with Congress, the role of developmental and operational testing activities, key decision making and oversight events, and supporting processes and activities (such as independent costing activity, operational demonstration, and performance metrics);

"(9) assurances that cybersecurity metrics of the software to be acquired or developed, such as metrics relating to the density of vulnerabilities within the code of such software, the time from vulnerability identification to patch availability, the existence of common weaknesses within such code, and other cybersecurity metrics based on widely-recognized standards and industry best practices, are generated and made available to the Department of Defense and the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives];

"(10) administrative procedures, including procedures related to who may initiate and approve an acquisition under this authority, the roles and responsibilities of the implementing project or product teams and supporting activities, team selection and staffing process, governance and oversight roles and responsibilities, and appropriate independent technology assessments, testing, and cost estimation (including relevant thresholds or designation criteria);

"(11) mechanisms and waivers designed to ensure flexibility in the implementation of a pathway under this section, including the use of other transaction authority, broad agency announcements, and other procedures; and

"(12) mechanisms the Secretary will use for appropriate reporting to Congress on the use of this authority, including notice of initiation of the use of a pathway and data regarding individual programs or acquisition activities, how acquisition activities are reflected in budget justification materials or requests to reprogram appropriated funds, and compliance with other reporting requirements.

"(e) Guidance Required.—

"(1) In general.—Not later than 90 days after the date of the enactment of this Act [Dec. 20, 2019], the Secretary of Defense shall issue initial guidance to implement the requirements of this section.

"(2) Limitation.—If the Secretary of Defense has not issued final guidance to implement the requirements of this section before October 1, 2021, the Secretary may not use the authority under this section—

"(A) to establish a new pathway to acquire or develop software; or

"(B) to continue activities to acquire or develop software using a pathway established under initial guidance described in paragraph (1).

"(f) Report.—

"(1) In general.—Not later than October 15, 2020, the Under Secretary of Defense for Acquisition and Sustainment, in consultation with the secretaries of the military departments and other appropriate officials, shall report on the use of the authority under this section using the initial guidance issued under subsection (d).

"(2) Elements.—The report required under paragraph (1) shall include the following elements:

"(A) The final guidance required by subsection (d)(2), including a description of the treatment of use of the authority that was initiated before such final guidance was issued.

"(B) A summary of how the authority under this section has been used, including a list of the cost estimate, schedule for development, testing and delivery, and key management risks for each initiative conducted pursuant to such authority.

"(C) Accomplishments from and challenges to using the authority under this section, including organizational, cultural, talent, infrastructure, testing, and training considerations.

"(D) Recommendations for legislative changes to the authority under this section.

"(E) Recommendations for regulatory changes to the authority under this section to promote effective development and deployment of software acquired or developed under this section."

Reorientation of Big Data Platform Program

Pub. L. 116–92, div. A, title XVI, §1651, Dec. 20, 2019, 133 Stat. 1759, as amended by Pub. L. 116–283, div. A, title XVII, §1709(a), Jan. 1, 2021, 134 Stat. 4086, provided that:

"(a) Reorientation of Program.—

"(1) In general.—Not later than January 1, 2021, the Secretary of Defense shall—

"(A) reorient the Big Data Platform program as specified in this section; and

"(B) align the reorientation effort under an existing line of effort of the Cyber Strategy of the Department of Defense.

"(2) Oversight of implementation.—The Secretary shall act through the Principal Cyber Advisor and the supporting Cross Functional Team in the oversight of the implementation of paragraph (1).

"(b) Common Baseline and Security Classification Scheme.—

"(1) In general.—Not later than January 1, 2021, the Secretary shall establish a common baseline and security classification scheme for the collection, storage, processing, querying, analysis, and accessibility of a common and comprehensive set of metadata from sensors, applications, appliances, products, and systems deployed across the Department of Defense Information Network (DODIN) to enable the discovery, tracking, and remediation of cybersecurity threats.

"(2) Requirements.—In carrying out paragraph (1), the Secretary shall—

"(A) take such actions as the Secretary considers necessary to standardize deployed infrastructure, including the Department of Defense's perimeter capabilities at the Internet Access Points, the Joint Regional Security Stacks, or other approved solutions, and the routing of data laterally and vertically from Department of Defense Information Network segments and tiers, to enable standard and comprehensive metadata collection;

"(B) take such actions as the Secretary considers necessary to standardize deployed cybersecurity applications, products, and sensors and the routing of data laterally and vertically from Department of Defense Information Network segments and tiers, to enable standard and comprehensive metadata collection;

"(C) develop an enterprise-wide architecture and strategy for—

"(i) where to place sensors or extract data from network information technology, operational technology, and cybersecurity appliances, applications, products, and systems for cybersecurity purposes;

"(ii) which metadata data records should be universally sent to Big Data Platform instances and which metadata data records, if any, should be locally retained; and

"(iii) expeditiously and efficiently transmitting metadata records to the Big Data Platform instances, including the acquisition and installation of further data bandwidth;

"(D) determine the appropriate number, organization, and functions of separate Big Data Platform instances, and whether the Big Data Platform instances that are currently managed by Department of Defense components, including the military services, should instead be jointly and regionally organized, or terminated;

"(E) determine the appropriate roles of the Defense Information Systems Agency's Acropolis, United States Cyber Command's Scarif, and any similar Big Data Platforms as enterprise-wide real-time cybersecurity situational awareness capabilities or as complements or replacements for component level Big Data Platform instances;

"(F) ensure that all Big Data Platform instances are engineered and approved to enable standard access and expeditious query capabilities by the Unified Platform, the network defense service providers, and the Cyber Mission Forces, with centrally managed authentication and authorization services;

"(G) prohibit and remove barriers to information sharing, distributed query, data analysis, and collaboration across Big Data Platform instances, such as incompatible interfaces, interconnection service agreements, and the imposition of accreditation boundaries;

"(H) transition all Big Data Platform instances to a cloud computing environment in alignment with the cloud strategy of the Chief Information Officer of the Department of Defense;

"(I) consider whether packet capture databases should continue to be maintained separately from the Big Data Platform instances, managed at the secret level of classification, and treated as malware-infected when the packet data are copies of packets extant in the Department of Defense Information Network;

"(J) in the case that the Secretary decides to sustain the status quo on packet capture databases, ensure that analysts operating on or from the Unified Platform, the Big Data Platform instances, the network defense services providers, and the Cyber Mission Forces can directly access packets and query the database; and

"(K) consider whether the Joint Artificial Intelligence Center's cybersecurity artificial intelligence national mission initiative, and any other similar initiatives, should include an application for the metadata residing in the Big Data Platform instances.

"(c) Limit on Data and Data Indexing Schema.—The Secretary shall ensure that the Unified Platform and the Big Data Platform programs achieve data and data indexing schema standardization and integration to ensure interoperability, access, and sharing by and between Big Data Platform and other data sources and stores.

"(d) Analytics and Application Sourcing and Collaboration.—The Secretary shall ensure that the services, U.S. Cyber Command, and Defense Information Systems Agency—

"(1) seek advanced analytics and applications from Government and commercial sources that can be executed on the deployed Big Data Platform architecture; and

"(2) collaborate with vendors offering commercial analytics and applications, including support to refactoring commercial capabilities to the Government platform where industry can still own the intellectual property embedded in the analytics and applications.

"(e) Briefing Required.—Not later than 180 days after the date of the enactment of this Act [Dec. 20, 2019] and not less frequently than once every 180 days thereafter until the activities required by subsection (a)(1) are completed, the Secretary shall brief the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] on the activities of the Secretary in carrying out subsection (b).

"(f) Applicability.—The requirements of this section shall apply in full to the Department of the Navy, including the Sharkcage and associated programs."

[Reference to Joint Artificial Intelligence Center, referred to in subsec. (b)(2)(K) of section 1651 of Pub. L. 116–92, set out above, deemed to refer to the office of the official designated under section 238(b) of Pub. L. 115–232, see section 212(m) of Pub. L. 117–263, set out as a note preceding section 4061 of this title (in a bracketed note following section 238 of Pub. L. 115–232).]

Policy Regarding the Transition of Data and Applications to the Cloud

Pub. L. 116–92, div. A, title XVII, §1755, Dec. 20, 2019, 133 Stat. 1854, provided that:

"(a) Policy Required.—Not later than 180 days after the date of the enactment of this Act [Dec. 20, 2019], the Chief Information Officer of the Department of Defense and the Chief Data Officer of the Department shall, in consultation with the J6 of the Joint Staff and the Chief Management Officer, develop and issue enterprise-wide policy and implementing instructions regarding the transition of data and applications to the cloud under the Department cloud strategy in accordance with subsection (b).

"(b) Design.—The policy required by subsection (a) shall be designed to dramatically improve support to operational missions and management processes, including by the use of artificial intelligence and machine learning technologies, by—

"(1) making the data of the Department available to support new types of analyses;

"(2) preventing, to the maximum extent practicable, the replication in the cloud of data stores that cannot readily be accessed by applications for which the data stores were not originally engineered;

"(3) ensuring that data sets can be readily discovered and combined with others to enable new insights and capabilities; and

"(4) ensuring that data and applications are readily portable and not tightly coupled to a specific cloud infrastructure or platform."

Implementation of Recommendations of the Final Report of the Defense Science Board Task Force on the Design and Acquisition of Software for Defense Systems

Pub. L. 115–232, div. A, title VIII, §868, Aug. 13, 2018, 132 Stat. 1902, provided that:

"(a) Implementation Required.—Not later than 18 months after the date of the enactment of this Act [Aug. 13, 2018], the Secretary of Defense shall, except as provided under subsection (b), commence implementation of each recommendation submitted as part of the final report of the Defense Science Board Task Force on the Design and Acquisition of Software for Defense Systems.

"(b) Exceptions.—

"(1) Delayed implementation.—The Secretary of Defense may commence implementation of a recommendation described under subsection (a) later than the date required under such subsection if the Secretary provides the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] with a specific justification for the delay in implementation of such recommendation.

"(2) Nonimplementation.—The Secretary of Defense may opt not to implement a recommendation described under subsection (a) if the Secretary provides to the congressional defense committees—

"(A) the reasons for the decision not to implement the recommendation; and

"(B) a summary of the alternative actions the Secretary plans to take to address the purposes underlying the recommendation.

"(c) Implementation Plans.—For each recommendation that the Secretary is implementing, or that the Secretary plans to implement, the Secretary shall submit to the congressional defense committees—

"(1) a summary of actions that have been taken to implement the recommendation; and

"(2) a schedule, with specific milestones, for completing the implementation of the recommendation."

Activities and Reporting Relating to Department of Defense's Cloud Initiative

Pub. L. 115–232, div. A, title X, §1064, Aug. 13, 2018, 132 Stat. 1971, provided that:

"(a) Activities Required.—Commencing not later than 90 days after the date of the enactment of this Act [Aug. 13, 2018], the Chief Information Officer of the Department of Defense, acting through the Cloud Executive Steering Group established by the Deputy Secretary of Defense in a directive memorandum dated September 13, 2017, in order to support its Joint Enterprise Defense Infrastructure initiative to procure commercial cloud services, shall conduct certain key enabling activities as follows:

"(1) Develop an approach to rapidly acquire advanced commercial network capabilities, including software-defined networking, on-demand bandwidth, and aggregated cloud access gateways, through commercial service providers in order—

"(A) to support the migration of applications and systems to commercial cloud platforms;

"(B) to increase visibility of end-to-end performance to enable and enforce service level agreements for cloud services;

"(C) to ensure efficient and common cloud access;

"(D) to facilitate shifting data and applications from one cloud platform to another;

"(E) to improve cybersecurity; and

"(F) to consolidate networks and achieve efficiencies and improved performance;

"(2) Conduct an analysis of existing workloads that would be migrated to the Joint Enterprise Defense Infrastructure, including—

"(A) identifying all of the cloud initiatives across the Department of Defense, and determining the objectives of such initiatives in connection with the intended scope of the Infrastructure;

"(B) identifying all the systems and applications that the Department would intend to migrate to the Infrastructure;

"(C) conducting rationalization of applications to identify applications and systems that may duplicate the processing of workloads in connection with the Infrastructure; and

"(D) as result of such actions, arriving at dispositions about migration or termination of systems and applications in connection with the Infrastructure.

"(b) Report Required.—The Chief Information Officer shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report on the Department of Defense's Cloud Initiative to manage networks, data centers, and clouds at the enterprise level. Such report shall include each of the following:

"(1) A description [of] the status of completion of the activities required under subsection (a).

"(2) Information relating to the current composition of the Cloud Executive Steering Group and the stakeholders relating to the Department of Defense's Cloud Initiative and associated mission, objectives, goals, and strategy.

"(3) A description of the characteristics and considerations for accelerating the cloud architecture and services required for a global, resilient, and secure information environment.

"(4) Information relating to acquisition strategies and timeline for efforts associated with the Department of Defense's Cloud Initiative, including the Joint Enterprise Defense Infrastructure.

"(5) A description of how the acquisition strategies referred to in paragraph (4) provides [sic] for a full and open competition, enable the Department of Defense to continuously leverage and acquire new cloud computing capabilities, maintain the ability of the Department to leverage other cloud computing vendor products and services, incorporate elements to maintain security, and provide for the best performance, cost, and schedule to meet the cloud architecture and services requirements of the Department for the duration of such contract.

"(6) A detailed description of existing workloads that will be migrated to enterprise-wide cloud infrastructure or platforms as a result of the Department of Defense's Cloud Initiative, including estimated migration costs and timelines, based on the analysis required under subsection (a)(2).

"(7) A description of the program management and program office of the Department of Defense's Cloud Initiative, including the number of personnel, overhead costs, and organizational structure.

"(8) A description of the effect of the Joint Enterprise Defense Infrastructure on and the relationship of such Infrastructure to existing cloud computing infrastructure, platform, and service contracts across the Department of Defense, specifically the effect and relationship to the private cloud infrastructure of the Department, MilCloud 2.0 run by the Defense Information Systems Agency based on the analysis required under subsection (a)(2).

"(9) Information relating to the most recent Department of Defense Cloud Computing Strategy and description of any initiatives to update such Strategy.

"(10) Information relating to Department of Defense guidance pertaining to cloud computing capability or platform acquisition and standards, and a description of any initiatives to update such guidance.

"(11) Any other matters the Secretary of Defense determines relevant.

"(c) Limitation on Use of Funds.—Of the amounts authorized to be appropriated or otherwise made available by this Act [see Tables for classification] for fiscal year 2019 for the Department of Defense's Cloud Initiative, not more than 85 percent may be obligated or expended until the Secretary of Defense submits to the congressional defense committees the report required by subsection (b).

"(d) Limitation on New Systems and Applications.—

"(1) In general.—Except as provided in paragraph (2), the Deputy Secretary shall require that no new system or application will be approved for development or modernization without an assessment that such system or application is already, or can and would be, cloud-hosted.

"(2) Waiver.—The Deputy Secretary may issue a national waiver to the requirement under paragraph (1) if the Deputy Secretary determines, pursuant to the assessment described in such paragraph, that the requirement would adversely affect the national security of the United States. If the Deputy Secretary issues a waiver under this paragraph, the Deputy Secretary shall provide to the congressional defense committees a written notification of such waiver, justification for the waiver, and identification of the system or application to which the waiver applies by not later than 15 days after the date on which the waiver is issued.

"(e) Transparency and Competition.—The Deputy Secretary shall ensure that the acquisition approach of the Department continues to follow the Federal Acquisition Regulation with respect to competition."

Pilot Program To Use Agile or Iterative Development Methods To Tailor Major Software-Intensive Warfighting Systems and Defense Business Systems

Pub. L. 115–232, div. A, title VIII, §869(a)–(d), Aug. 13, 2018, 132 Stat. 1902, 1903, provided that the Secretary of Defense was to include certain systems in the pilot program to use agile or iterative development methods pursuant to section 873 of Pub. L. 115–91, formerly set out below.

Pub. L. 115–91, div. A, title VIII, §873, Dec. 12, 2017, 131 Stat. 1498, as amended by Pub. L. 115–232, div. A, title VIII, §869(e), Aug. 13, 2018, 132 Stat. 1903, provided that the Secretary of Defense was to establish a pilot program to tailor and simplify software development requirements and methods for major software-intensive warfighting systems and defense business systems, and that such pilot program would terminate on Sept. 30, 2023.

Global Theater Security Cooperation Management Information System

Pub. L. 115–91, div. A, title XII, §1272, Dec. 12, 2017, 131 Stat. 1695, provided that:

"(a) Update of Guidance.—

"(1) In general.—Not later than 180 days after the date of the enactment of this Act [Dec. 12, 2017], the Secretary of Defense shall—

"(A) update relevant security cooperation guidance issued by the Secretary for use of the Global Theater Security Cooperation Management Information System (in this section referred to as 'G-TSCMIS'), including guidance relating to the matters described in paragraph (3); and

"(B) submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report that contains such guidance.

"(2) Successor system.—Not later than 180 days after the date of the adoption of any security cooperation information system that is a successor to G-TSCMIS, the Secretary of Defense shall—

"(A) update relevant security cooperation guidance issued by the Secretary for use of such system, including guidance relating to the matters described in paragraph (3); and

"(B) submit to the congressional defense committees a report that contains such guidance.

"(3) Matters described.—The matters described in this paragraph are the following:

"(A) Designation of an authoritative data repository for security cooperation information, with enforceable data standards and data controls.

"(B) Responsibilities for entry of data relating to programs and activities into the system.

"(C) Oversight and accountability measures to ensure the full scope of activities are entered into the system consistently and in a timely manner.

"(D) Such other matters as the Secretary considers appropriate.

"(b) Report.—

"(1) In general.—Not later than 270 days after the adoption of any security cooperation information system that is the successor to G-TSCMIS, the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report setting forth a review of measures for evaluating the system in order to comply with guidance required by subsection (a).

"(2) Elements.—The review required by paragraph (1) shall include the following:

"(A) An evaluation of the impacts of inconsistent information on the system's functionality as a tool for planning, resource allocation, and adjustment.

"(B) An evaluation of the effectiveness of oversight and accountability measures.

"(C) An evaluation of feedback from the operational community to inform future requirements.

"(D) Such other matters as the Secretary considers appropriate.

"(3) Form.—The report required under paragraph (1) shall be submitted in unclassified form, but may include a classified annex."

Operational Metrics for Joint Information Environment and Supporting Activities

Pub. L. 113–291, div. A, title VIII, §854, Dec. 19, 2014, 128 Stat. 3459, provided that:

"(a) Guidance.—Not later than 180 days after the date of the enactment of this Act [Dec. 19, 2014], the Secretary of Defense, acting through the Chief Information Officer of the Department of Defense, shall issue guidance for measuring the operational effectiveness and efficiency of the Joint Information Environment within the military departments, Defense Agencies, and combatant commands. The guidance shall include a definition of specific metrics for data collection, and a requirement for each military department, Defense Agency, and combatant command to regularly collect and assess data on such operational effectiveness and efficiency and report the results to such Chief Information Officer on a regular basis.

"(b) Baseline Architecture.—The Chief Information Officer of the Department of Defense shall identify a baseline architecture for the Joint Information Environment by identifying and reporting to the Secretary of Defense any information technology programs or other investments that support that architecture.

"(c) Joint Information Environment Defined.—In this section, the term 'Joint Information Environment' means the initiative of the Department of Defense to modernize the information technology networks and systems within the Department."

Data Servers and Centers

Pub. L. 112–81, div. B, title XXVIII, §2867, Dec. 31, 2011, 125 Stat. 1704, as amended by Pub. L. 112–239, div. B, title XXVIII, §2853, Jan. 2, 2013, 126 Stat. 2161; Pub. L. 115–91, div. A, title X, §1051(q)(3), Dec. 12, 2017, 131 Stat. 1565, provided that:

"(a) Limitations on Obligation of Funds.—

"(1) Limitations.—

"(A) Before performance plan.—During the period beginning on the date of the enactment of this Act [Dec. 31, 2011] and ending on May 1, 2012, a department, agency, or component of the Department of Defense may not obligate funds for a data server farm or data center unless approved by the Chief Information Officer of the Department of Defense or the Chief Information Officer of a component of the Department to whom the Chief Information Officer of the Department has specifically delegated such approval authority.

"(B) Under performance plan.—After May 1, 2012, a department, agency, or component of the Department may not obligate funds for a data center, or any information systems technology used therein, unless that obligation is in accordance with the performance plan required by subsection (b) and is approved as described in subparagraph (A).

"(2) Requirements for approvals.—

"(A) Before performance plan.—An approval of the obligation of funds may not be granted under paragraph (1)(A) unless the official granting the approval determines, in writing, that existing resources of the agency, component, or element concerned cannot affordably or practically be used or modified to meet the requirements to be met through the obligation of funds.

"(B) Under performance plan.—An approval of the obligation of funds may not be granted under paragraph (1)(B) unless the official granting the approval determines that—

"(i) existing resources of the Department do not meet the operation requirements to be met through the obligation of funds; and

"(ii) the proposed obligation is in accordance with the performance standards and measures established by the Chief Information Officer of the Department under subsection (b).

"(3) Reports.—Not later than 30 days after the end of each calendar quarter, each Chief Information Officer of a component of the Department who grants an approval under paragraph (1) during such calendar quarter shall submit to the Chief Information Officer of the Department a report on the approval or approvals so granted during such calendar quarter.

"(b) Performance Plan for Reduction of Resources Required for Data Servers and Centers.—

"(1) Component plans.—

"(A) In general.—Not later than January 15, 2012, the Secretaries of the military departments and the heads of the Defense Agencies shall each submit to the Chief Information Officer of the Department a plan for the department or agency concerned to achieve the following:

"(i) A reduction in the square feet of floor space devoted to information systems technologies, attendant support technologies, and operations within data centers.

"(ii) A reduction in the use of all utilities necessary to power and cool information systems technologies and data centers.

"(iii) An increase in multi-organizational utilization of data centers, information systems technologies, and associated resources.

"(iv) A reduction in the investment for capital infrastructure or equipment required to support data centers as measured in cost per megawatt of data storage.

"(v) A reduction in the number of commercial and government developed applications running on data servers and within data centers.

"(vi) A reduction in the number of government and vendor provided full-time equivalent personnel, and in the cost of labor, associated with the operation of data servers and data centers.

"(B) Specification of required elements.—The Chief Information Officer of the Department shall specify the particular performance standards and measures and implementation elements to be included in the plans submitted under this paragraph, including specific goals and schedules for achieving the matters specified in subparagraph (A).

"(2) Defense-wide plan.—

"(A) In general.—Not later than April 1, 2012, the Chief Information Officer of the Department shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a performance plan for a reduction in the resources required for data centers and information systems technologies Department-wide. The plan shall be based upon and incorporate appropriate elements of the plans submitted under paragraph (1).

"(B) Elements.—The performance plan required under this paragraph shall include the following:

"(i) A Department-wide performance plan for achieving the matters specified in paragraph (1)(A), including performance standards and measures for data centers and information systems technologies, goals and schedules for achieving such matters, and an estimate of cost savings anticipated through implementation of the plan.

"(ii) A Department-wide strategy for each of the following:

     "(I) Desktop, laptop, and mobile device virtualization.

     "(II) Transitioning to cloud computing.

     "(III) Migration of Defense data and government-provided services from Department-owned and operated data centers to cloud computing services generally available within the private sector that provide a better capability at a lower cost with the same or greater degree of security.

     "(IV) Utilization of private sector-managed security services for data centers and cloud computing services.

     "(V) A finite set of metrics to accurately and transparently report on data center infrastructure (space, power and cooling): age, cost, capacity, usage, energy efficiency and utilization, accompanied with the aggregate data for each data center site in use by the Department in excess of 100 kilowatts of information technology power demand.

     "(VI) Transitioning to just-in-time delivery of Department-owned data center infrastructure (space, power and cooling) through use of modular data center technology and integrated data center infrastructure management software.

"(3) Responsibility.—The Chief Information Officer of the Department shall discharge the responsibility for establishing performance standards and measures for data centers and information systems technologies for purposes of this subsection. Such responsibility may not be delegated.

"(c) Exceptions.—

"(1) Intelligence components.—The Chief Information Officer of the Department and the Chief Information Officer of the Intelligence Community may jointly exempt from the applicability of this section such intelligence components of the Department of Defense (and the programs and activities thereof) that are funded through the National Intelligence Program (NIP) as the Chief Information Officers consider appropriate.

"(2) Research, development, test, and evaluation programs.—The Chief Information Officer of the Department may exempt from the applicability of this section research, development, test, and evaluation programs that use authorization of appropriations for the High Performance Computing Modernization Program (Program Element 0603461A) if the Chief Information Officer determines that the exemption is in the best interest of national security."

Demonstration and Pilot Projects on Cybersecurity

Pub. L. 111–383, div. A, title II, §215, Jan. 7, 2011, 124 Stat. 4165, provided that:

"(a) Demonstration Projects on Processes for Application of Commercial Technologies to Cybersecurity Requirements.—

"(1) Projects required.—The Secretary of Defense and the Secretaries of the military departments shall jointly carry out demonstration projects to assess the feasibility and advisability of using various business models and processes to rapidly and effectively identify innovative commercial technologies and apply such technologies to Department of Defense and other cybersecurity requirements.

"(2) Scope of projects.—Any demonstration project under paragraph (1) shall be carried out in such a manner as to contribute to the cyber policy review of the President and the Comprehensive National Cybersecurity Initiative.

"(b) Pilot Programs on Cybersecurity Required.—The Secretary of Defense shall support or conduct pilot programs on cybersecurity with respect to the following areas:

"(1) Threat sensing and warning for information networks worldwide.

"(2) Managed security services for cybersecurity within the defense industrial base, military departments, and combatant commands.

"(3) Use of private processes and infrastructure to address threats, problems, vulnerabilities, or opportunities in cybersecurity.

"(4) Processes for securing the global supply chain.

"(5) Processes for threat sensing and security of cloud computing infrastructure.

"(c) Reports.—

"(1) Reports required.—Not later than 240 days after the date of the enactment of this Act [Jan. 7, 2011], and annually thereafter at or about the time of the submittal to Congress of the budget of the President for a fiscal year (as submitted pursuant to section 1105(a) of title 31, United States Code), the Secretary of Defense shall, in coordination with the Secretary of Homeland Security, submit to Congress a report on any demonstration projects carried out under subsection (a), and on the pilot projects carried out under subsection (b), during the preceding year.

"(2) Elements.—Each report under this subsection shall include the following:

"(A) A description and assessment of any activities under the demonstration projects and pilot projects referred to in paragraph (1) during the preceding year.

"(B) For the pilot projects supported or conducted under subsection (b)(2)—

"(i) a quantitative and qualitative assessment of the extent to which managed security services covered by the pilot project could provide effective and affordable cybersecurity capabilities for components of the Department of Defense and for entities in the defense industrial base, and an assessment whether such services could be expanded rapidly to a large scale without exceeding the ability of the Federal Government to manage such expansion; and

"(ii) an assessment of whether managed security services are compatible with the cybersecurity strategy of the Department of Defense with respect to conducting an active, in-depth defense under the direction of United States Cyber Command.

"(C) For the pilot projects supported or conducted under subsection (b)(3)—

"(i) a description of any performance metrics established for purposes of the pilot project, and a description of any processes developed for purposes of accountability and governance under any partnership under the pilot project; and

"(ii) an assessment of the role a partnership such as a partnership under the pilot project would play in the acquisition of cyberspace capabilities by the Department of Defense, including a role with respect to the development and approval of requirements, approval and oversight of acquiring capabilities, test and evaluation of new capabilities, and budgeting for new capabilities.

"(D) For the pilot projects supported or conducted under subsection (b)(4)—

"(i) a framework and taxonomy for evaluating practices that secure the global supply chain, as well as practices for securely operating in an uncertain or compromised supply chain;

"(ii) an assessment of the viability of applying commercial practices for securing the global supply chain; and

"(iii) an assessment of the viability of applying commercial practices for securely operating in an uncertain or compromised supply chain.

"(E) For the pilot projects supported or conducted under subsection (b)(5)—

"(i) an assessment of the capabilities of Federal Government providers to offer secure cloud computing environments; and

"(ii) an assessment of the capabilities of commercial providers to offer secure cloud computing environments to the Federal Government.

"(3) Form.—Each report under this subsection shall be submitted in unclassified form, but may include a classified annex."

Implementation of New Acquisition Process for Information Technology Systems

Pub. L. 111–84, div. A, title VIII, §804, Oct. 28, 2009, 123 Stat. 2402, which provided for development and implementation of a new acquisition process for information technology systems, was repealed by Pub. L. 115–232, div. A, title VIII, §812(b)(2), Aug. 13, 2018, 132 Stat. 1848.

Clearinghouse for Rapid Identification and Dissemination of Commercial Information Technologies

Pub. L. 110–181, div. A, title VIII, §881, Jan. 28, 2008, 122 Stat. 262, provided that:

"(a) Requirement to Establish Clearinghouse.—Not later than 180 days after the date of the enactment of this Act [Jan. 28, 2008], the Secretary of Defense, acting through the Assistant Secretary of Defense for Networks and Information Integration, shall establish a clearinghouse for identifying, assessing, and disseminating knowledge about readily available information technologies (with an emphasis on commercial off-the-shelf information technologies) that could support the warfighting mission of the Department of Defense.

"(b) Responsibilities.—The clearinghouse established pursuant to subsection (a) shall be responsible for the following:

"(1) Developing a process to rapidly assess and set priorities and needs for significant information technology needs of the Department of Defense that could be met by commercial technologies, including a process for—

"(A) aligning priorities and needs with the requirements of the commanders of the combatant command; and

"(B) proposing recommendations to the commanders of the combatant command of feasible technical solutions for further evaluation.

"(2) Identifying and assessing emerging commercial technologies (including commercial off-the-shelf technologies) that could support the warfighting mission of the Department of Defense, including the priorities and needs identified pursuant to paragraph (1).

"(3) Disseminating information about commercial technologies identified pursuant to paragraph (2) to commanders of combatant commands and other potential users of such technologies.

"(4) Identifying gaps in commercial technologies and working to stimulate investment in research and development in the public and private sectors to address those gaps.

"(5) Enhancing internal data and communications systems of the Department of Defense for sharing and retaining information regarding commercial technology priorities and needs, technologies available to meet such priorities and needs, and ongoing research and development directed toward gaps in such technologies.

"(6) Developing mechanisms, including web-based mechanisms, to facilitate communications with industry regarding the priorities and needs of the Department of Defense identified pursuant to paragraph (1) and commercial technologies available to address such priorities and needs.

"(7) Assisting in the development of guides to help small information technology companies with promising technologies to understand and navigate the funding and acquisition processes of the Department of Defense.

"(8) Developing methods to measure how well processes developed by the clearinghouse are being utilized and to collect data on an ongoing basis to assess the benefits of commercial technologies that are procured on the recommendation of the clearinghouse.

"(c) Personnel.—The Secretary of Defense, acting through the Assistant Secretary of Defense for Networks and Information Integration, shall provide for the hiring and support of employees (including detailees from other components of the Department of Defense and from other Federal departments or agencies) to assist in identifying, assessing, and disseminating information regarding commercial technologies under this section.

"(d) Report to Congress.—Not later than one year after the date of the enactment of this Act [Jan. 28, 2008], the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report on the implementation of this section."

Improvement of Software Acquisition Processes

Pub. L. 107–314, div. A, title VIII, §804, Dec. 2, 2002, 116 Stat. 2604, provided that:

"(a) Establishment of Programs.—(1) The Secretary of each military department shall establish a program to improve the software acquisition processes of that military department.

"(2) The head of each Defense Agency that manages a major defense acquisition program with a substantial software component shall establish a program to improve the software acquisition processes of that Defense Agency.

"(3) The programs required by this subsection shall be established not later than 120 days after the date of the enactment of this Act [Dec. 2, 2002].

"(b) Program Requirements.—A program to improve software acquisition processes under this section shall, at a minimum, include the following:

"(1) A documented process for software acquisition planning, requirements development and management, project management and oversight, and risk management.

"(2) Efforts to develop appropriate metrics for performance measurement and continual process improvement.

"(3) A process to ensure that key program personnel have an appropriate level of experience or training in software acquisition.

"(4) A process to ensure that each military department and Defense Agency implements and adheres to established processes and requirements relating to the acquisition of software.

"(c) Department of Defense Guidance.—The Assistant Secretary of Defense for Command, Control, Communications, and Intelligence, in consultation with the Under Secretary of Defense for Acquisition, Technology, and Logistics, shall—

"(1) prescribe uniformly applicable guidance for the administration of all of the programs established under subsection (a) and take such actions as are necessary to ensure that the military departments and Defense Agencies comply with the guidance; and

"(2) assist the Secretaries of the military departments and the heads of the Defense Agencies to carry out such programs effectively by—

"(A) ensuring that the criteria applicable to the selection of sources provides added emphasis on past performance of potential sources, as well as on the maturity of the software products offered by the potential sources; and

"(B) identifying, and serving as a clearinghouse for information regarding, best practices in software development and acquisition in both the public and private sectors.

"(d) Definitions.—In this section:

"(1) The term 'Defense Agency' has the meaning given the term in section 101(a)(11) of title 10, United States Code.

"(2) The term 'major defense acquisition program' has the meaning given such term in section 139(a)(2)(B) of title 10, United States Code."

§4576. Requirement for consideration of certain matters during acquisition of noncommercial computer software

(a) Consideration Required.—As part of any negotiation for the acquisition of noncommercial computer software, the Secretary of Defense shall ensure that such negotiations consider, to the maximum extent practicable, acquisition, at the appropriate time in the life cycle of the noncommercial computer software, of all software and related materials necessary—

(1) to reproduce, build, or recompile the software from original source code and required libraries;

(2) to conduct required computer software testing; and

(3) to deploy working computer software system binary files on relevant system hardware.

(b) Delivery of Software and Related Materials.—Any noncommercial computer software or related materials required to be delivered as a result of considerations in subsection (a) shall, to the extent appropriate as determined by the Secretary—

(1) include computer software delivered in a useable, digital format;

(2) not rely on external or additional software code or data, unless such software code or data is included in the items to be delivered; and

(3) in the case of negotiated terms that do not allow for the inclusion of dependent software code or data, sufficient documentation to support maintenance and understanding of interfaces and software revision history.

(Added Pub. L. 115–91, div. A, title VIII, §871(a)(1), Dec. 12, 2017, 131 Stat. 1496, §2322a; renumbered §4576, Pub. L. 116–283, div. A, title XVIII, §1857(c), Jan. 1, 2021, 134 Stat. 4276.)

Editorial Notes

Prior Provisions

Prior sections 4591 to 4595 were renumbered sections 7591 to 7595 of this title, respectively.

Amendments

2021—Pub. L. 116–283 renumbered section 2322a of this title as this section.

Statutory Notes and Related Subsidiaries

Effective Date of 2021 Amendment

Amendment by Pub. L. 116–283 effective Jan. 1, 2022, with additional provisions for delayed implementation and applicability of existing law, see section 1801(d) of Pub. L. 116–283, set out as a note preceding section 3001 of this title.

Guidance

Pub. L. 115–91, div. A, title VIII, §871(b), Dec. 12, 2017, 131 Stat. 1497, provided that: "Not later than 180 days after the date of the enactment of this Act [Dec. 12, 2017], the Secretary of Defense shall issue updated guidance to implement section 2322a of title 10, United States Code [now 10 U.S.C. 4576], as added by subsection (a)."