4.2003
Notification
When notified by a contractor about Kaspersky Lab products or services, agencies must follow their internal procedures to address the issue.
Overview
FAR 4.2003 addresses the process for handling contractor notifications related to the prohibition on contracting for hardware, software, and services developed or provided by Kaspersky Lab. When a contractor submits a notification as required by FAR clause 52.204-23, agencies must adhere to their internal procedures for processing and responding to such notifications. This ensures that any potential use or presence of Kaspersky Lab products in federal contracts is promptly identified and managed in accordance with federal regulations.
Key Rules
- Contractor Notification Requirement
- Contractors must notify the government if they identify Kaspersky Lab products or services in their supply chain, as required by FAR 52.204-23.
- Agency Response Procedures
- Upon receiving such notification, agencies must follow their established internal procedures to address the issue.
Responsibilities
- Contracting Officers: Must ensure that any contractor notifications are processed according to agency-specific procedures.
- Contractors: Required to notify the government if Kaspersky Lab products or services are identified in their supply chain.
- Agencies: Must have clear procedures in place for responding to these notifications and mitigating any risks.
Practical Implications
- This section exists to ensure prompt and consistent handling of notifications regarding prohibited Kaspersky Lab products or services.
- It impacts daily contracting by requiring vigilance in supply chain management and clear communication between contractors and agencies.
- Common pitfalls include failing to notify promptly or not following agency-specific procedures, which could result in compliance violations.