On May 16, 2016, the Federal Acquisition Regulation (FAR) was amended to add a new subpart and contract clause for the basic safeguarding of contractor information systems that process, store or transmit Federal contract information.  The clause does not relieve contractors of any other specific safeguarding requirement specified by Federal agencies and departments as it relates to covered contractor information systems generally or other Federal requirements for safeguarding Controlled Unclassified Information (CUI) as established by Executive Order (E.O.).  Systems that contain classified information, or CUI such as personally identifiable information, require more than the basic level of protection.  The clause is applicable to any contractor or subcontractor that may have an information system that processes, stores or transmits Federal contract information, though there is a carveout for procurements involving commercial-off-the-shelf (COTS) items.  A copy of the final rule is available here.  We anticipate preparing a more detailed analysis of the rule shortly.