§ 2225. Information technology purchases: tracking and management  

2011—Subsec. (f)(1). Pub. L. 111–350, § 5(b)(6)(A), substituted “section 1702(c) of title 41” for “section 16(c) of the Office of Federal Procurement Policy Act (41 U.S.C. 414(c))”.

Subsec. (f)(2). Pub. L. 111–350, § 5(b)(6)(B), substituted “section 134 of title 41” for “section 4(11) of the Office of Federal Procurement Policy Act (41 U.S.C. 403(11))”.

2006—Subsec. (f)(1). Pub. L. 109–364 substituted “section 16(c) of the Office of Federal Procurement Policy Act (41 U.S.C. 414(c))” for “section 16(3) of the Office of Federal Procurement Policy Act (41 U.S.C. 414(3))”.

2003—Subsec. (b)(9). Pub. L. 108–178 substituted “sections 11312 and 11313 of title 40” for “sections 5122 and 5123 of the Clinger-Cohen Act of 1996 (40 U.S.C. 1422, 1423)”.

Amendment by Pub. L. 108–178 effective Aug. 21, 2002, see section 5 of Pub. L. 108–178, set out as a note under section 5334 of Title 5, Government Organization and Employees.

Pub. L. 112–239, div. A, title IX, § 934, Jan. 2, 2013, 126 Stat. 1885, as amended by Pub. L. 113–66, div. A, title IX, § 931, Dec. 26, 2013, 127 Stat. 829, provided that:“(a)Competition in Connection With Tactical Data Link Systems.—Not later than December 1, 2013, the Under Secretary of Defense for Acquisition, Technology, and Logistics shall—“(1) develop an inventory of all tactical data link systems in use and in development in the Department of Defense, including interfaces and waveforms and an assessment of vulnerabilities to such systems in anti-access or area-denial environments;“(2) conduct an analysis of each data link system contained in the inventory under paragraph (1) to determine whether—“(A) the upgrade, new deployment, or replacement of such system should be open to competition; or“(B) the data link should be converted to an open architecture, or a different data link standard should be adopted to enable such competition;“(3) for each data link system for which competition is determined advisable under subparagraph (A) or (B) of paragraph (2), develop a plan to achieve such competition, including a plan to address any policy, legal, programmatic, or technical barriers to such competition; and“(4) for each data link system for which competition is determined not advisable under paragraph (2), prepare an explanation for such determination.“(b)Earlier Actions.—If the Under Secretary completes any portion of the plan described in subsection (a)(3) before December 1, 2013, the Secretary may commence action on such portion of the plan upon completion of such portion, including publication of such portion of the plan.“(c)Report.—At the same time the budget of the President for fiscal year 2015 is submitted to Congress pursuant to section 1105(a) of title 31, United States Code, the Under Secretary shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report on the plans described in paragraph (3) of subsection (a), including any explanation prepared under paragraph (4) of such subsection.”

Pub. L. 111–383, div. A, title II, § 215, Jan. 7, 2011, 124 Stat. 4165, provided that:“(a) Demonstration Projects on Processes for Application of Commercial Technologies to Cybersecurity Requirements.—“(1)Projects required.—The Secretary of Defense and the Secretaries of the military departments shall jointly carry out demonstration projects to assess the feasibility and advisability of using various business models and processes to rapidly and effectively identify innovative commercial technologies and apply such technologies to Department of Defense and other cybersecurity requirements.“(2)Scope of projects.—Any demonstration project under paragraph (1) shall be carried out in such a manner as to contribute to the cyber policy review of the President and the Comprehensive National Cybersecurity Initiative.“(b)Pilot Programs on Cybersecurity Required.—The Secretary of Defense shall support or conduct pilot programs on cybersecurity with respect to the following areas:“(1) Threat sensing and warning for information networks worldwide.“(2) Managed security services for cybersecurity within the defense industrial base, military departments, and combatant commands.“(3) Use of private processes and infrastructure to address threats, problems, vulnerabilities, or opportunities in cybersecurity.“(4) Processes for securing the global supply chain.“(5) Processes for threat sensing and security of cloud computing infrastructure.“(c) Reports.—“(1)Reports required.—Not later than 240 days after the date of the enactment of this Act [Jan. 7, 2011], and annually thereafter at or about the time of the submittal to Congress of the budget of the President for a fiscal year (as submitted pursuant to section 1105(a) of title 31, United States Code), the Secretary of Defense shall, in coordination with the Secretary of Homeland Security, submit to Congress a report on any demonstration projects carried out under subsection (a), and on the pilot projects carried out under subsection (b), during the preceding year.“(2)Elements.—Each report under this subsection shall include the following:“(A) A description and assessment of any activities under the demonstration projects and pilot projects referred to in paragraph (1) during the preceding year.“(B) For the pilot projects supported or conducted under subsection (b)(2)—“(i) a quantitative and qualitative assessment of the extent to which managed security services covered by the pilot project could provide effective and affordable cybersecurity capabilities for components of the Department of Defense and for entities in the defense industrial base, and an assessment whether such services could be expanded rapidly to a large scale without exceeding the ability of the Federal Government to manage such expansion; and“(ii) an assessment of whether managed security services are compatible with the cybersecurity strategy of the Department of Defense with respect to conducting an active, in-depth defense under the direction of United States Cyber Command.“(C) For the pilot projects supported or conducted under subsection (b)(3)—“(i) a description of any performance metrics established for purposes of the pilot project, and a description of any processes developed for purposes of accountability and governance under any partnership under the pilot project; and“(ii) an assessment of the role a partnership such as a partnership under the pilot project would play in the acquisition of cyberspace capabilities by the Department of Defense, including a role with respect to the development and approval of requirements, approval and oversight of acquiring capabilities, test and evaluation of new capabilities, and budgeting for new capabilities.“(D) For the pilot projects supported or conducted under subsection (b)(4)—“(i) a framework and taxonomy for evaluating practices that secure the global supply chain, as well as practices for securely operating in an uncertain or compromised supply chain;“(ii) an assessment of the viability of applying commercial practices for securing the global supply chain; and“(iii) an assessment of the viability of applying commercial practices for securely operating in an uncertain or compromised supply chain.“(E) For the pilot projects supported or conducted under subsection (b)(5)—“(i) an assessment of the capabilities of Federal Government providers to offer secure cloud computing environments; and“(ii) an assessment of the capabilities of commercial providers to offer secure cloud computing environments to the Federal Government.“(3)Form.—Each report under this subsection shall be submitted in unclassified form, but may include a classified annex.”

Pub. L. 111–84, div. A, title VIII, § 804, Oct. 28, 2009, 123 Stat. 2402, provided that:“(a)New Acquisition Process Required.—The Secretary of Defense shall develop and implement a new acquisition process for information technology systems. The acquisition process developed and implemented pursuant to this subsection shall, to the extent determined appropriate by the Secretary—“(1) be based on the recommendations in chapter 6 of the March 2009 report of the Defense Science Board Task Force on Department of Defense Policies and Procedures for the Acquisition of Information Technology; and“(2) be designed to include—“(A) early and continual involvement of the user;“(B) multiple, rapidly executed increments or releases of capability;“(C) early, successive prototyping to support an evolutionary approach; and“(D) a modular, open-systems approach.“(b)Report to Congress.—Not later than 270 days after the date of the enactment of this Act [Oct. 28, 2009], the Secretary of Defense shall submit to the Committees on Armed Services of the Senate and the House of Representatives a report on the new acquisition process developed pursuant to subsection (a). The report required by this subsection shall, at a minimum—“(1) describe the new acquisition process;“(2) provide an explanation for any decision by the Secretary to deviate from the criteria established for such process in paragraphs (1) and (2) of subsection (a);“(3) provide a schedule for the implementation of the new acquisition process;“(4) identify the categories of information technology acquisitions to which such process will apply; and“(5) include the Secretary’s recommendations for any legislation that may be required to implement the new acquisition process.”

Pub. L. 110–181, div. A, title VIII, § 881, Jan. 28, 2008, 122 Stat. 262, provided that:“(a)Requirement to Establish Clearinghouse.—Not later than 180 days after the date of the enactment of this Act [Jan. 28, 2008], the Secretary of Defense, acting through the Assistant Secretary of Defense for Networks and Information Integration, shall establish a clearinghouse for identifying, assessing, and disseminating knowledge about readily available information technologies (with an emphasis on commercial off-the-shelf information technologies) that could support the warfighting mission of the Department of Defense.“(b)Responsibilities.—The clearinghouse established pursuant to subsection (a) shall be responsible for the following:“(1) Developing a process to rapidly assess and set priorities and needs for significant information technology needs of the Department of Defense that could be met by commercial technologies, including a process for—“(A) aligning priorities and needs with the requirements of the commanders of the combatant command; and“(B) proposing recommendations to the commanders of the combatant command of feasible technical solutions for further evaluation.“(2) Identifying and assessing emerging commercial technologies (including commercial off-the-shelf technologies) that could support the warfighting mission of the Department of Defense, including the priorities and needs identified pursuant to paragraph (1).“(3) Disseminating information about commercial technologies identified pursuant to paragraph (2) to commanders of combatant commands and other potential users of such technologies.“(4) Identifying gaps in commercial technologies and working to stimulate investment in research and development in the public and private sectors to address those gaps.“(5) Enhancing internal data and communications systems of the Department of Defense for sharing and retaining information regarding commercial technology priorities and needs, technologies available to meet such priorities and needs, and ongoing research and development directed toward gaps in such technologies.“(6) Developing mechanisms, including web-based mechanisms, to facilitate communications with industry regarding the priorities and needs of the Department of Defense identified pursuant to paragraph (1) and commercial technologies available to address such priorities and needs.“(7) Assisting in the development of guides to help small information technology companies with promising technologies to understand and navigate the funding and acquisition processes of the Department of Defense.“(8) Developing methods to measure how well processes developed by the clearinghouse are being utilized and to collect data on an ongoing basis to assess the benefits of commercial technologies that are procured on the recommendation of the clearinghouse.“(c)Personnel.—The Secretary of Defense, acting through the Assistant Secretary of Defense for Networks and Information Integration, shall provide for the hiring and support of employees (including detailees from other components of the Department of Defense and from other Federal departments or agencies) to assist in identifying, assessing, and disseminating information regarding commercial technologies under this section.“(d)Report to Congress.—Not later than one year after the date of the enactment of this Act [Jan. 28, 2008], the Secretary of Defense shall submit to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a report on the implementation of this section.”

Pub. L. 106–398, § 1 [[div. A], title VIII, § 812(b)], Oct. 30, 2000, 114 Stat. 1654, 1654A–214, provided that:“(1) The Secretary of Defense shall collect data as required under section 2225 of title 10, United States Code (as added by subsection (a)) for all contractual actions covered by such section entered into on or after the date that is one year after the date of the enactment of this Act [Oct. 30, 2000].“(2) Subsection (d) of such section shall apply with respect to purchases described in that subsection for which solicitations of offers are issued on or after the date that is one year after the date of the enactment of this Act.”

Pub. L. 106–398, § 1 [[div. A], title VIII, § 812(c)], Oct. 30, 2000, 114 Stat. 1654, 1654A–214, directed the Comptroller General to submit to committees of Congress a report on the collection of data under this section not later than 15 months after Oct. 30, 2000.