Comment Re:NOT REQUIRED TO COMPLY (Score 1) 43
If it was a secure government facility, I would also turn that around to say their auditors are welcome to visit as long as we could conduct full background checks on every single of them. Also they would not be allowed to bring any recording devices into our facilities and strip searches would be required before and after.
Maybe somewhere there is a facility or SCIF that requires a strip search to enter, but I've never been in one and I never heard of such. I doubt that a bunch of BSA auditors would ever even know about the existence of that kind of place anyway, let alone need to enter one.
But the DoD procurement process also is pretty slow an thorough. They don't purchase until the vendor has the cleared support staff available to service the software. If that includes auditors, you can bet that will be in the contract. When I had to be in those kinds of facilities for a previous job, there were people from the likes of Adobe, Oracle, and Microsoft coming in and out all day and they all had CACs.
If a contractor or sub signs a contract they can't legally comply with because of their government obligations, then that's on them. They need to break the contract with the vendor, stop using the offending software, pay whatever penalties, and then be left scrambling to meet their government obligations.