Researcher's Guide to Working with FAR and DFARS

Information about Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) clauses that researchers should consider when applying for grants and contracts

What are FAR and DFARS clauses?

FAR and DFARS clauses are contractual provisions required by the U.S. government in contracts to procure goods and services.

These clauses address various topics, such as compliance with laws and regulations, intellectual property rights, and reporting requirements.

Importance of Compliance:

Compliance with FAR and DFARS clauses is mandatory for researchers involved in projects funded by government contracts or grants (e.g. Department of Defense, NASA, Department of Energy, etc.)

Non-compliance can result in contract termination, financial penalties, or legal action.

Key FAR and DFARS Clauses to Consider:

FAR 52.203-13: Contractor Code of Business Ethics and Conduct.

FAR 52.204-21: Basic Safeguarding of Covered Contractor Information Systems.

DFARS 252.204-7000: Disclosure of Information.

DFARS 252.204-7012: Safeguarding Covered Defense Information and Cyber Incident Reporting.

Researcher Responsibilities:

Familiarize yourself with the specific FAR and DFARS clauses applicable to your project.

Ensure compliance with all contractual obligations, including reporting requirements and safeguarding sensitive information.

Reach out to your local IT support staff for help in complying with these requirements. If you're unsure who that might be, contact research-computing@uiowa.edu.

Promptly report any cybersecurity incidents or breaches to the contracting officer and follow established incident response procedures.

Resources for Assistance:

Consult your Division of Sponsored Programs contact for guidance on interpreting and complying with FAR and DFARS clauses.

Seek training or educational resources on cybersecurity best practices and compliance requirements.

Documentation and Recordkeeping:

Maintain accurate records of all activities related to the research project, including compliance measures taken to meet FAR and DFARS requirements.

Retain documentation of training, certifications, and incident response activities for auditing purposes.

Continuous Monitoring and Improvement:

Regularly review and update your compliance practices to align with evolving FAR and DFARS requirements.

Stay informed about changes in regulations and policies that may impact your research activities.

Conclusion:

Compliance with FAR and DFARS clauses is essential for all University of Iowa researchers involved in government-funded projects. By understanding and adhering to these requirements, researchers can ensure their research endeavors' integrity, security, and success.

Consult your Division of Sponsored Programs contact for guidance on interpreting and complying with FAR and DFARS clauses. https://dsp.research.uiowa.edu/policies-and-procedures
Direct specific project related questions involving training or educational resources on cybersecurity best practices and compliance requirements to it-security@uiowa.edu.

Last updated

Wednesday, September 4, 2024

Article number

7161