July 16, 2020
July MRAM Q&A
Q&A from July’s Monthly Research Administrator Meeting
Department of Defense Cybersecurity Maturity Measure Certification (DoD CMMC)
Q: Do we anticipate these cybersecurity measures will trickle down to current awards, or only to new awards?
A: We expect the DoD CMMC requirement will only apply to new contracts. However, it is possible it will be integrated into a current DOD contract, by modification, should the Contracting Officer identify that CUI is involved.
Q: Will all DOD awards/applications be subject to these new requirements, or only specific awards/applications?
A: For now, we only expect this to apply to DOD contract funding (i.e. not grants or cooperative agreements) and only when the RFP specifies CMMC Level is required.
Resources:
- UW Chief Information Security Office: DoD CMMC Information
- UW DoD CMMC FAQs for Proposals and Awards
Compliance Corner
Q: Will the OSP Subs team include the NSF retention policy in the templates they use?
Q: Is the retention period covered in the subaward agreement?
A: The Research Terms and Conditions (RTC) that cite the record retention requirements are incorporated into all of our outgoing subaward under NSF awards. As Matt mentioned, the requirement for subrecipients to follow the same record retention period as the prime recipient already exists because we flow the RTC to the subrecipient. The updated RTC just clarifies what was already the case.
CORE Update
Q: Will OSP check if they’ve done their training before submitting a proposal?
A: Because this requirement comes into effect at the time of submission of a proposal there is no barrier at any time to the submission of a proposal. Contact Laurie Stephan with further questions: lauries@uw.edu