Sec. 1624. Plan for commercial cloud test and evaluation
/bill/117/s/4543/rs/section-1624·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Not later than 180 days after the date of the enactment of this Act, the Secretary of Defense, in consultation with commercial industry, shall submit to the Committee on Armed Services of the Senate and the Committee on Armed Services of the House of Representatives a policy and plan for test and evaluation of the cybersecurity of the clouds of commercial cloud service providers.

The policy and plan submitted under subsection (a) shall include the following:

A requirement that all future contracts with cloud service providers include provisions that permit the Department to conduct independent, threat-realistic assessments, including penetration testing, of the commercial cloud infrastructure, including the control plane and virtualization hypervisor.

An explanation as to how the Department intends to proceed on amending existing contracts with cloud service providers to permit the same level of rigorous assessments that will be required for all future contracts.

Identification and description of any proposed tiered test and evaluation requirements aligned with different impact and classification levels.

The policy and plan required under subsection (a) may provide an authority to waive any requirements described in subsection (b) conditioned upon the approval of the Chief Information Officer of the Department of Defense and the Director of Operational Test and Evaluation.