The Department of Commerce issued a proposed rule at the end of November that would govern the process and procedures that the government will use to identify, assess and address information and communications technology and services transactions that pose an undue risk to critical infrastructure or the digital economy in the United States. The proposed rule also includes transactions that pose an unacceptable risk to U.S. national security. The background information published in support of the proposed rule states, “The information and communications technology and services (ICTS) supply chain is critical to nearly every aspect of U.S. national security. It underpins our economy; supports critical infrastructure and emergency services; and facilitates the nation’s ability to store, process, and transmit vast amounts of data, including sensitive information, that is used for personal, commercial, government, and national security purposes.” Although the proposed rule covers government contractors and their supply chains, companies may miss the publication of the proposed rule as the Department of Commerce is not a primary issuer of rules that impact government contracting. Companies need to review the rule, discuss compliance, and plan to comment if there are concerns. This is especially true since the rule transcends your government business and applies to any covered area of a businesses’ operation. Comments are due December 27th.