§2.Changes with respect to the federal acquisition security council
This section amends provisions governing the Federal Acquisition Security Council (FASC), which coordinates executive branch efforts to identify, mitigate, and manage supply chain risks in federal procurement of covered articles (i.e., information and communications technology and national security systems). (As background, the FASC develops government-wide policies, guidance, and recommendations to address such risks, including through issuance of binding removal or exclusion orders.)
Specifically, the section (1) adds definitions in 41 U.S.C. §1321 of "source of concern" (i.e., a source subject to control by or operating on behalf of a foreign adversary—defined as a covered nation under 10 U.S.C. §4872(d)—or posing a national security risk due to ties to such adversary's military, internal security forces, or intelligence agencies), "covered source of concern" (i.e., a statutorily designated source of concern for purposes of FASC authorities), "recommended order" (i.e., under §1323(c)(2)), and "designated order" (i.e., under §1323(c)(3)); (2) in §1322, establishes the FASC in the Executive Office of the President (from executive branch), requires the President to designate the chairperson (from Secretary of Homeland Security), specifies membership as the Administrator for Federal Procurement Policy, Deputy Director for Management of the Office of Management and Budget, and designated Assistant Secretary- or Deputy Assistant Secretary-level officials from the Office of the Director of National Intelligence (including National Counterintelligence and Security Center), Department of Defense (including National Security Agency), Department of Homeland Security (including Cybersecurity and Infrastructure Security Agency), General Services Administration, Office of the National Cyber Director, Department of Justice (including FBI), and Department of Commerce (including National Institute of Standards and Technology and Bureau of Industry and Security), sets requirements for member expertise and functions, and directs semiannual meetings between the chairperson and the Secretary of Homeland Security, Secretary of Defense, and Director of National Intelligence (or delegates); and (3) in §1323, revises the FASC's functions to address "acquisition security and supply chain" risks (from "supply chain" risks) associated with the acquisition and use of covered articles (Thus, broadening the scope to encompass security risks throughout the acquisition lifecycle.).