For acquisitions requiring information assurance against compromising emanations, the requiring activity is responsible for providing to the contracting officer—

(a) The required protections, i.e., an established National TEMPEST standard (e.g., NSTISSAM TEMPEST 1-92) or a standard used by other authority;

(b) The required identification markings to include markings for TEMPEST or other standard, certified equipment (especially if to be reused);

(c) Inspection and acceptance requirements addressing the validation of compliance with TEMPEST or other standards; and

(d) A date through which the accreditation is considered current for purposes of the proposed contract.

[69 FR 35534, June 25, 2004, as amended at 84 FR 58337, Oct. 31, 2019]


Tried the LawStack mobile app?

Join thousands and try LawStack mobile for FREE today.

  • Carry the law offline, wherever you go.
  • Download CFR, USC, rules, and state law to your mobile device.