Forum Discussion
Microsoft's Perspective on FCI
What is Microsoft's perspective on the definition of FCI that was used to assess controls implemented for Azure and O365 against CMMC practices that call out FCI?
Hello HaranStark, Microsoft's position on the definition of Federal Contract Information (FCI) aligns with the Federal Acquisition Regulations (FAR), which states that FCI is:
“Information not intended for public release. It is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government. FCI does not include information provided by the Government to the public.”
Reference: Federal Acquisition Regulation https://www.acquisition.gov/content/52204-21-basic-safeguarding-covered-contractor-information-systems
1 Reply
Hello HaranStark, Microsoft's position on the definition of Federal Contract Information (FCI) aligns with the Federal Acquisition Regulations (FAR), which states that FCI is:
“Information not intended for public release. It is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government. FCI does not include information provided by the Government to the public.”
Reference: Federal Acquisition Regulation https://www.acquisition.gov/content/52204-21-basic-safeguarding-covered-contractor-information-systems