Skip to main content
S 3085 115th Congress Senate Government Operations and Politics Computers and information technology Congressional oversight Executive agency funding and structure Government information and archives Public contracts and procurement Telephone and wireless communication

Federal Acquisition Supply Chain Security Act of 2018

Introduced: June 19, 2018 See on congress.gov
Sign in to write a letter Sign in to watch
 Everywhere this bill has been 14 steps
Introduced
In committee
Reported out
Passed House
Passed Senate
To President
Became law
Dec 19, 2018
Held at the desk.
Dec 19, 2018
Received in the House.
Dec 19, 2018
Message on Senate action sent to the House.
Dec 18, 2018
Passed Senate with an amendment by Unanimous Consent.
Dec 18, 2018
Passed/agreed to in Senate: Passed Senate with an amendment by Unanimous Consent.
Dec 18, 2018
The committee substitute withdrawn by Unanimous Consent.
Dec 18, 2018
Measure laid before Senate by unanimous consent. (consideration: CR S7809-7817; text of measure as reported in Senate: CR S7809-7813)
Dec 4, 2018
By Senator Johnson from Committee on Homeland Security and Governmental Affairs filed written report. Report No. 115-408.
Nov 26, 2018
Placed on Senate Legislative Calendar under General Orders. Calendar No. 666.
Nov 26, 2018
Committee on Homeland Security and Governmental Affairs. Reported by Senator Johnson with an amendment in the nature of a substitute. Without written report.
Sep 26, 2018
Committee on Homeland Security and Governmental Affairs. Ordered to be reported with an amendment in the nature of a substitute favorably.
Sep 13, 2018
Committee on Homeland Security and Governmental Affairs. Hearings held. Hearings printed: S.Hrg. 115-588.
Jun 19, 2018
Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Jun 19, 2018
Introduced in Senate
 Plain-English summary Congressional Research Service

Federal Acquisition Supply Chain Security Act of 2018

This bill establishes in the executive branch a Federal Acquisition Security Council. The Office of Management and Budget shall designate a senior-level official to serve as the chairperson of the council. The council shall perform functions that include developing: (1) criteria and processes for assessing threats and vulnerabilities relating to supply chain risk posed by the acquisition of information technology to national security and the public interest, and (2) standards and measures for supply chain risk management.

The chairperson shall report annually to Congress on the council's activities.

Any agency that makes information technology available for procurement by other agencies shall:

  • identify information technology products made available to other agencies that pose the greatest risk to national security or the public interest;
  • complete a risk assessment of such products;
  • in each case in which the agency identifies a significant supply chain risk posed by information technology, make the risk assessment available to all agencies through the council and develop a plan to mitigate that risk; and
  • develop a vetting process for conducting supply chain risk assessments regarding prospective providers of information technology and make the process available to all agencies.

The Department of Homeland Security may: (1) assist agencies in conducting risk assessments and implementing mitigation requirements for information technology, and (2) provide such additional guidance or tools as necessary to support actions taken by agencies.

What's happening now December 19, 2018

Held at the desk.

 Committees of jurisdiction 1
 Cosponsors 2
All 2 Republican 2