|
- Clause 1-1: Privacy Protection must be included when applicable. See Section 7-14, Privacy Considerations.
- Clause 4-1: General Terms and Conditions should be included within all contracts and provides for, among other terms, actions to be taken by a supplier in the event of an actual or suspected security incident on its network(s) or systems.
- Clause 4-9: Inspection and Acceptance — Systems should be included in contracts for computers with a unit price greater than $50,000. This clause is to be used in lieu of, not in addition to, the inspection terms and conditions included in Clause 4-1: General Terms and Conditions. If a computer contract covers other supplies or services also, Clause 4–1: General Terms and Conditions or other inspection clauses must be included for the other supplies or services.
- Clause 4-10: Liquidated Damages — Industrial Supply or Service Items Not Ready for Use should be filled in appropriately and included in systems contracts when the use of this clause is justified.
- Clause 4-11: Use of Hardware or Software Monitors should be included in contracts whenever monitors will be attached to a computer system.
- Clause 4-12: Site Preparation shouldbe included in contracts whenever the Postal Service should specially prepare a site for installation of an information system.
- Clause 4-13: Software License Warranty and Indemnification should be included in contracts whenever software is procured by license from the supplier.
- Clause 4-14: Software Development Warranty should be included in contracts for customized software.
- Clause 4-16: Substitution of Information Technology Equipment, should be included in RFPs and contracts for IT in which the supplier will be afforded the opportunity to replace the product line(s) being purchased with equivalent items that are newer technology provided the pricing is equal to or less than the items being replaced.
- Clause 4-17: Technology Enhancement should be included in all RFPs and contracts which require the supplier to propose newer, more effective, and more economical products on a continuous basis that the Postal Service may incorporate to keep pace with changing technological environments.
- Clause 4-18: Information and Communication Technology Accessibility should be included in all Information and Communication Technology contracts. See Sections 8-4.3.5.3, Accessibility Conformance Report and 7-7.1.14, Rehabilitation Act of 1973 (29 U.S.C. 702 et seq.); and provide the 508 (Services) or 508 (Products) instructions within RFPs.
- Clause 4-19: Information Security Requirements should be included in all contracts for IT and other information processing and information gathering services when Postal Service information will be generated, processed, or stored during contract performance and/or when an information system is being provided.
- Clause 4-21: Supplier Security Risk Assessment should be included in all contracts that fall into scope for third-party cyber risk management program. These include, suppliers that require connection to the Postal Service network or electronic access to sensitive, sensitive enhanced, or critical Postal Service data, as well as suppliers that will be providing an information system, or those that are critical to the processing or movement of mail, or are revenue generating to the Postal Service.
- Clause 4-22: Certification and Accreditation of Information Systems should be included in all contracts where sensitive Postal Service data is processed or stored on a system, application, cloud offering and/or technology that will be used by the Postal Service and is operating on the Postal Service network, on-premises, offsite or in a cloud environment. This applies to pilot programs, Proof of Concepts, and full license purchases.
- Clause 4-23: Cloud Computing Security Requirements should be included in all contracts that call for the use of cloud computing to provide information technology services and products in performance of the contract.
|
|