Page 2 of 2
Section IV.
Standard Contract Provision and Clause Text Applicability and/or Additional PWS Language.
(Standard-language text is in “Times New Roman, bold, italic” font.)
1. AT Level I Training. (The following provision/contract text is for contractor employees with an area of performance within an Army-controlled installation,
facility, or area.)
All contractor employees, including subcontractor employees, requiring access to Army installations, facilities, and controlled-access areas will complete AT
Level I awareness training within [insert number of calendar days] calendar days after the contract start-date or effective date of incorporation of this
requirement into the contract, whichever is applicable. The contractor will submit certificates of completion for each affected contractor employee and
subcontractor employee to the COR or to the contracting officer, if a COR is not assigned, within [insert number of calendar days] calendar days after training
is completed by all employees and subcontractor personnel. AT Level I awareness training is available online at https://atlevel1.dtic.mil/at.
2. AT Awareness Training for Contractor Personnel Traveling Overseas. (This standard-language text requires U.S.-based contractor employees and
associated subcontractor employees to make available and to receive Government-provided, area of responsibility (AOR)-specific AT awareness training as
directed by AR 525-13.)
Specific AOR training content may be directed by the USEUCOM Commander, with the USAREUR ATO being the local POC.
3. Access and General Protection/Security Policy and Procedures. (This standard-language text is for contractor employees with an area of performance
within an Army-controlled installation, facility, or area.)
Contractor and all associated sub-contractors employees shall provide all information required for background checks to meet installation access requirements
to be accomplished by installation provost marshal office, director of emergency services, or security office. Contractor workforce must comply with all personal
identification verification requirements (FAR clause 52.204-9, Personal Identity Verification of Contractor Personnel) as directed by DOD, HQDA, and/or
local policy. In addition to the changes otherwise authorized by the changes clause of this contract, should the Force Protection Condition (FPCON) at any
individual facility or installation change, the Government may require changes in contractor security matters or processes.
3a. For contractors requiring common access cards (CACs).
Before CAC issuance, the contractor employee requires, at a minimum, a favorably adjudicated National Agency Check with Inquiries (NACI) or an equivalent
or higher investigation in accordance with Army Directive 2014-05. The contractor employee will be issued a CAC only if duties involve one of the following:
(1) Both physical access to a DOD facility and access, via logon, to DOD networks on-site or remotely; (2) Remote access, via logon, to a DOD network using
DOD-approved remote access procedures; or (3) Physical access to multiple DOD facilities or multiple non-DOD federally controlled facilities on behalf of the
DOD on a recurring basis for a period of 6 months or more. At the discretion of the sponsoring activity, an initial CAC may be issued based on a favorable
review of the FBI fingerprint check and a successfully scheduled NACI at the Office of Personnel Management.
3b. For contractors that do not require CACs, but require access to a DOD facility or installation.
Contractor and all associated sub-contractors employees shall comply with adjudication standards and procedures using the National Crime Information
Center Interstate Identification Index (NCIC-III) and Terrorist Screening Database (TSDB) (Army Directive 2014-05/AR 190-13), applicable installation,
facility and area commander installation/facility access and local security policies and procedures (provided by government representative), or at OCONUS
locations, in accordance with status of forces agreements and other theater regulations.
4. iWATCH/iSALUTE Training. (This standard-language text is for contractor employees with an area of performance within an Army-controlled installation,
facility, or area.)
The contractor and all associated subcontractors will brief all employees on the local iWATCH/iSALUTE program (training standards provided by the
requiring activity ATO). This locally developed training will be used to inform employees of the types of behavior to watch for and instruct employees to report
suspicious activity to the COR. This training will be completed within [insert number of calendar days] calendar days after the contract is awarded and within
[insert number of calendar days] calendar days after new employees commence contract performance, with the results reported to the COR within [insert
number of calendar days] calendar days after the contract is awarded.
5. For Contracts That Require Performance or Delivery in a Foreign Country.
DFARS 252.225-7043. The clause will be used in solicitations and contracts that require performance or delivery in a foreign country. This clause applies to
both contingencies and noncontingency support. The key AT requirement is for non-local national contractor personnel to comply with theater clearance
requirements and allows the combatant commander to exercise oversight to ensure the contractor's compliance with combatant commander and subordinate
task-force commander policy and directives.
6. Contractor Employees Who Require Access to Government Information Systems.
All contractor employees with access to a Government information system must be registered in the Army Training Certification Tracking System (ATCTS) at
commencement of services, and must successfully complete DOD information assurance awareness training before access to the information system and then
annually thereafter.
7. For Contracts That Require an OPSEC Standing Operating Procedure/Plan.
The contractor will develop an OPSEC standing operating procedure (SOP)/plan within 90 calendar days after the contract is awarded, to be reviewed and
approved by the responsible Government OPSEC officer, according to AR 530-1. This SOP/plan will include the Government's critical information, why it
needs to be protected, where it is located, who is responsible for it, and how to protect it. In addition, the contractor will identify an individual who will be an
OPSEC coordinator. The contractor will ensure this individual becomes OPSEC Level II certified according to AR 530-1.
8. For Contracts That Require OPSEC Training.
According to AR 530-1, new contractor employees must complete Level I OPSEC training within 30 calendar days after they report for duty. All contractor
employees must complete annual OPSEC awareness training.
9. For Information Assurance (IA)/Information Technology (IT) Training.
All contractor employees and associated subcontractor employees must complete DOD information assurance awareness training before issuance of network
access and annually thereafter. All contractor employees working IA/IT functions must comply with DOD and Army training requirements in DODD 8570.01,
DOD 8570.01-M, and AR 25-2 within 6 months after being employed.
10. For Information Assurance (IA)/Information Technology (IT) Certification.
According to DFARS 252.239.7001, DOD 8570.01-M, and AR 25-2, contractor employees supporting IA/IT functions will be appropriately certified on contract
award. The baseline certification as stipulated in DOD 8570.01-M must be completed on contract award.
11. For Contracts That Require Handling or Access to Classified Information.
The contractor will comply with FAR Clause 52.204-2. This clause involves access to information classified “Confidential,” “Secret,” or “Top Secret” and
requires contractors to comply with The Security Agreement (DD Form 441), including DOD 5220.22-M and any revisions, notice of which has been provided
to the contractor.
12. For Contractors Authorized to Accompany the Force.
DFARS 252.225-7040. This clause will be used in solicitations and contracts that authorize contractor personnel to accompany U.S. Armed Forces deployed
outside the United States for contingency operations, humanitarian or peacekeeping operations, or other military operations or exercises when designated by
the combatant commander. The clause discusses the following AT/OPSEC-related topics: required compliance with laws and regulations, predeployment
requirements, required training (according to combatant command guidance), and required personnel data.
13. Threat Awareness Reporting Program. (For all contractors with security clearances.)
Per AR 381-12, Threat Awareness and Reporting Program (TARP), contractor employees must receive annual TARP training by a CIA agent or other trainer
as specified in 2-4b.