Governance & Program Info
Acquisition & Program Intelligence — Governance
Cross-builder institution context and per-item ownership, due dates, status, and next actions for the governance-relevant checklist items in this builder.
Institution context
Program info
Applies across every builder in the app. Stored locally; nothing leaves the browser.
Checklist governance
Items (0 of 15 marked complete)
Annotate ownership, due date, status, and next action. Items on the left come from the builder's governance / compliance phases.
05 · Governance & Compliance
FAR / DFARS applicability to the AI capability itself
The AI is acquired under FAR/DFARS — confirm clauses on data rights, cyber (DFARS 252.204-7012), and commercial-item treatment.
05 · Governance & Compliance
DoDI 5000.88 Engineering of Defense Systems applicability
Engineering discipline — architecture, interfaces, integration — applies to AI capabilities that inform acquisition decisions.
05 · Governance & Compliance
TINA (Truth in Negotiations Act) and cost-data posture
For non-commercial procurements above thresholds, certified cost or pricing data is required.
05 · Governance & Compliance
Section 889 compliance in the AI supply chain
The AI platform itself must not include covered Chinese telecommunications / surveillance equipment — Section 889 is not only about the content being analyzed.
05 · Governance & Compliance
ITAR / EAR export control awareness on outputs
Assessments of adversary capabilities may themselves be export-controlled — outputs need handling review before dissemination.
05 · Governance & Compliance
FOCI mitigation posture (NISPOM)
Foreign Ownership, Control, or Influence — the AI vendor, the compute provider, and the data providers all matter for FOCI.
05 · Governance & Compliance
CFIUS (50 U.S.C. § 4565) jurisdictional awareness
CFIUS reviews of adversary investment in defense-relevant US companies generate both intelligence and acquisition-decision signal.
05 · Governance & Compliance
Section 1260H list screening in entity resolution
Every assessed adversary entity is cross-referenced against the DoD Section 1260H list of Chinese military companies.
05 · Governance & Compliance
BIS Entity List and sanctions screening
Persistent screening of assessed entities against BIS Entity List additions — list changes drive both assessment and operational action.
05 · Governance & Compliance
ICD 503 / RMF accreditation of the AI system
Full ICD 503 / RMF body of evidence for the AI capability at its classification level.
05 · Governance & Compliance
Originator-control and handling caveat preservation
ORCON, NOFORN, and program caveats on source material must propagate to outputs automatically, not by analyst memory.
05 · Governance & Compliance
Sources-and-methods protection on technical intelligence
Assessments must not reveal the specific S&T collection that supports them at a lower classification than the collection itself.
05 · Governance & Compliance
Congressional reporting / oversight posture
Acquisition intelligence feeding MDAP decisions will face Congressional oversight — the record must be ready.
05 · Governance & Compliance
DoD Responsible AI Strategy alignment
DoD Responsible AI Strategy and Implementation Pathway principles — governable, reliable, traceable, equitable, responsible — apply to acquisition AI.
05 · Governance & Compliance
Board- or flag-level governance reporting
AI-assisted assessments should appear in flag-officer or PEO governance reporting, with model performance metrics.