32 CFR § 2004.10 - Responsibilities of the Director, Information Security Oversight Office (ISOO).
The Director, ISOO:
(a) Implements E.O. 12829, including ensuring that:
(1) The NISP operates as a single, integrated program across the executive branch of the Federal Government (i.e., such that agencies that release classified information to entities adhere to NISP principles);
(3) All agencies that contract for classified work include the Security Requirements clause, 48 CFR 52.204-2, from the Federal Acquisition Regulation (FAR), or an equivalent clause, in contracts that require access to classified information;
(4) Those agencies for which the Department of Defense (DoD) serves as the CSA or provides industrial security services have agreements with DoD defining the Secretary of Defense's responsibilities on behalf of their agency;