Nation’s First Case of DFARS Non-Compliance Against DoD Contractor Underway


May 13, 2019 Posted by Nick DeLena DFARS

Well, it finally happened.

A Department of Defense contractor is being prosecuted under the False Claims Act for non-compliance with DFARS 252.204-7012. Aerojet Rocketdyne Inc. is currently facing legal action in the US District Court, Eastern District of California, under allegations that it knowingly misrepresented the extent to which it was compliant with DFARS and the corresponding required protection of Controlled Unclassified Information (CUI).

For some time now, OCD Tech has been cautioning organizations subject to DFARS 7012 to take the clause seriously, take immediate action, and be transparent with the DoD on areas of noncompliance. DFARS compliance, until recently, has been a self-assessment exercise where the DoD contractor is responsible for implementing the appropriate security controls, System Security Plans, and Plans of Action and Milestones, and reporting such information back to DoD where required. Invoicing on a contract subject to DFARS carries with it the representation that the contractor is fully compliant. We have published guidance on possible prosecution under the False Claims Act. It is well known that the court system moves slowly, and that is also true here. The allegations in question concern activities taking place in 2014 and 2015. Now we are starting to see the enforcement activities catch up.

Don’t assume all is well with your DoD contracts. The time has come to be proactive with your DFARS compliance efforts, rather than reactive. If you are subject to DFARS 7012 and are not fully compliant with the 110 security requirements in NIST Special Publication 800-171, contact the experts at OCD Tech today to review your options. With both audits and prosecutions underway, stay out of the government’s crosshairs. OCD Tech will assess where you stand today, build a roadmap to compliance for you, and guide you along the way.

Contact us today, or for more information, including the top 5 things you can do within your organization to achieve DFARS compliance, click here!

About Nick DeLena

Nick leads engagements across the division’s primary practice areas, including audit, security, and advisory services. He’s a 19-year veteran of IT and IT risk management, having audited, consulted, and managed IT teams in a variety of industries. He holds several leading certifications, including CISSP, CISA, CRISC, and Security+, among others, and has an MBA from Brown University.
