DATE: July 21, 2016
TO: Procurement Directors (PDs)/Heads of Contracting
Activities (HCAs)/Contracting Officers/Contract Specialists
FROM: Chief
Contract and Financial Assistance Policy Division
Office of Policy
Office of Acquisition Management
SUBJECT: OMB Category Management Policy 16-2: Providing Comprehensive Identity
Protection Services, Identity Monitoring, and Data Breach Response
SUMMARY: On July 1, 2016, the Office of Management and Budget (OMB) issued a
policy memorandum which effective immediately requires, with limited exceptions, that
when a Department of Energy (DOE) entity needs identity protection services DOE must
address the requirement by using the government-wide blanket purchase agreements
(BPAs) for Identity Monitoring Data Breach Response and Protection Services (IPS)
awarded by General Services Administration. Agencies with these requirements must
follow the steps in the policy memorandum. The OMB Category Management Policy 16-2
memorandum is found here.
For details on the IPS BPA go here. Use of the IPS BPAs by cost-reimbursable contractor
is encouraged.
Questions concerning this policy flash should be directed to the Office of
Acquisition Management at doe_oapmpolicy@hq.doe.gov.