Page:United States Statutes at Large Volume 124.djvu/2694

 124 STAT. 2668 PUBLIC LAW 111–259—OCT. 7, 2010 of funds for the acquisition of the major system shall cease to apply on the date on which the congressional intelligence commit- tees receive the initial vulnerability assessment. ‘‘(b) SUBSEQUENT VULNERABILITY ASSESSMENTS.—(1) The Director of National Intelligence shall, periodically throughout the procurement of a major system or if the Director determines that a change in circumstances warrants the issuance of a subsequent vulnerability assessment, conduct a subsequent vulnerability assessment of each major system and its significant items of supply within the National Intelligence Program. ‘‘(2) Upon the request of a congressional intelligence committee, the Director of National Intelligence may, if appropriate, recertify the previous vulnerability assessment or may conduct a subsequent vulnerability assessment of a particular major system and its significant items of supply within the National Intelligence Pro- gram. ‘‘(3) Any subsequent vulnerability assessment of a major system and its significant items of supply shall include use of an analysis- based approach and, if applicable, a testing-based approach, to monitor the exploitation potential of such system and reexamine the factors described in clauses (i) through (v) of subsection (a)(1)(C). ‘‘(c) MAJOR SYSTEM MANAGEMENT.—The Director of National Intelligence shall give due consideration to the vulnerability assess- ments prepared for a given major system when developing and determining the National Intelligence Program budget. ‘‘(d) CONGRESSIONAL OVERSIGHT.—(1) The Director of National Intelligence shall provide to the congressional intelligence commit- tees a copy of each vulnerability assessment conducted under sub- section (a) or (b) not later than 10 days after the date of the completion of such assessment. ‘‘(2) The Director of National Intelligence shall provide the congressional intelligence committees with a proposed schedule for subsequent periodic vulnerability assessments of a major system under subsection (b)(1) when providing such committees with the initial vulnerability assessment under subsection (a) of such system as required by paragraph (1). ‘‘(e) DEFINITIONS.—In this section: ‘‘(1) The term ‘item of supply’ has the meaning given that term in section 4(10) of the Office of Federal Procurement Policy Act (41 U.S.C. 403(10)). ‘‘(2) The term ‘major contract’ means each of the 6 largest prime, associate, or Government-furnished equipment contracts under a major system that is in excess of $40,000,000 and that is not a firm, fixed price contract. ‘‘(3) The term ‘major system’ has the meaning given that term in section 506A(e). ‘‘(4) The term ‘Milestone B’ means a decision to enter into major system development and demonstration pursuant to guidance prescribed by the Director of National Intelligence. ‘‘(5) The term ‘vulnerability assessment’ means the process of identifying and quantifying vulnerabilities in a major system and its significant items of supply.’’. (2) TABLE OF CONTENTS AMENDMENT.—The table of contents in the first section of the National Security Act of 1947, as amended by section 313 of this Act, is further amended by Proposed schedule. Records. Deadline.