As the impact of COVID-19 continues to evolve, CyberPoint remains a reliable partner, providing guidance to all of our customers in support of their critical missions.

CyberPoint COVID-19 Supplier Guidance

CyberPoint expects all its suppliers (i.e., subcontractors, vendors, universities, independent contractors) to comply with all national, federal, state, and local laws and requirements mandating employees of government contractors and subcontractors comply with the COVID-19 Workplace Safety Guidance published by the Safer Federal Workforce Task Force. The guidance applies to businesses of all sizes. Supplier employees entering a covered government or contractor facility prior to January 4, 2022 must either be fully vaccinated against COVID-19, if not yet fully vaccinated have a recent negative COVID-19 test result, or have an approved exemption accompanied by a recent negative COVID-19 test result. "Fully vaccinated" means two weeks have passed since the employee received: 1) their second shot in a two-dose vaccine series (such as the Pfizer or Moderna vaccine) or 2) their shot in a single-dose vaccine series (such as the Johnson & Johnson vaccine). A "recent negative COVID-19 test result" means that the supplier employee must have taken a COVID-19 test no later than 72 hours prior to entering the covered government or contractor facility and must have obtained a negative result. The supplier employee should carry their test result while in the facility and be prepared to present it as required. Employees with approved exemptions are required to follow the COVID-19 Workplace Safety Guidance for Face Masks and Phyical Distancing inside the covered government or contractor facility. Please note there may be circumstances in which an agency determines that the nature of an employee's job responsibilities requires heightened safety protocols if they are provided with a legally required exception. In some cases, the nature of the employee's job may be such that an agency determines that no safety protocol other than vaccination is adequate. In such circumstances, the agency may deny the requested accommodation.

Please note that effective January 4, 2022, prior to entering a covered government or contractor facility, all of CyberPoint's suppliers will be required to comply with the COVID-19 Workplace Safety Guidance published by the Safer Federal Workforce Task Force requiring the supplier employees to be fully vaccinated against COVID-19 or have an approved exemption accompanied by a recent COVID-19 negative test result. Supplier employees who are not vaccinated will still be required to follow additional safety protocols as outlined in the guidance with respect to Face Masks and Physical Distancing inside the covered government or contractor facility.

Additionally, suppliers should review:


  • Exceptions are limited to legally required accommodations because of a disability or because of a sincerely held religious belief, practice, or observance.
  • To request a reasonable accommodation, contact your employer's human resources department for instructions and approval. When a proposed accommodation pertains to an employee with access to a Government facility used in the execution of a subcontract with CyberPoint, the Subcontractor must confirm with CyberPoint that a proposed accommodation is acceptable by submitting the request to CyberPoint's Subcontract Administrator.
Bottom Line: Exceptions will be made only where legally required.

  • All state and local regulations and customer-workplace guidance regarding masking and social distancing must be followed.
  • All individuals, including CyberPoint and subcontractor employees and visitors, must comply with CDC guidance for wearing masks and physical distancing at any covered contractor workplace.
  • In areas of high or substantial community transmission as determined by the CDC (which currently encompasses more than 97 percent of the United States), fully vaccinated people must wear a mask in indoor settings, except when alone in an office with walls and a door (not a cubicle) or for a limited time when eating or drinking and maintaining at least six feet of distance.
  • In areas of low or moderate community transmission, fully vaccinated people do not need to wear a mask.
  • Individuals who are not fully vaccinated must wear a mask indoors and should maintain a distance of at least six feet from other at all times, including in offices, conference rooms, and all other communal workspaces. They must also wear masks outdoors in crowded settings or where sustained close contact is required.
Bottom Line: Fully vaccinated people must wear masks indoors in areas of high or substantial transmission only; all others must wear masks and physically distance indoors and wear masks outdoors in crowded settings.

Failing to do so will impact your ability to continue work supporting CyberPoint on federal contracts.

  • Any full-time or part-time (including casual) employee working on or in connection with a covered contract or working at a covered contractor workplace.
  • Employees who perform duties necessary for the performance of the covered contract but are not directly engaged in performing the specific work called for by the covered contract, such as human resources, billing, or legal review.
  • Employees who work on a covered contract or support a covered contract from home.
  • All employees who work in a location where covered contract employees work, including Federal Solutions or contractor workplaces, even if the employee is not working on or in connection with a covered contract.

  • All contracts and contract-like instruments (contracts) for services (including contracts subject to the Service Contract Act), construction (including contracts subject to Davis Bacon Act), leaseholds, and contracts in connection with federal land and related to offering services, that include language incorporating the requirements of the order.
  • Prime contractors must flow these requirements down to all subcontractors. Therefore, CyberPoint expects all subcontractors to comply.
  • EO 14042 instructs the FAR Council and agencies to take action so that the requirements of the order will be incorporated into covered contracts entered into on or after October 15, 2021.
  • The Task Force "strongly" encourages executive departments and agencies to incorporate the same requirements into existing contracts and contracts for the provision of products.

CyberPoint recommends that you begin implementing the requirement immediately to allow the necessary 5 – 6 weeks lead time to support employees becoming fully vaccinated by January 4, 2022. The Safer Federal Workforce Task Force recommends that agencies issue modifications for as many existing contracts as possible by November 14, 2021. A delay in receipt of a modification will not automatically result in an extension in time to comply with the January 4, 2022 vaccination deadline.

Yes, the mandate applies equally to covered contractors regardless of whether they are a small business.

Per the guidance issued by the Safer Federal Workforce Task Force, an individual working on a covered contract from their residence is a covered contractor employee, and must comply with the vaccination requirement for covered contractor employees, even if the employee never works at either a covered contractor workplace or Federal workplace during the performance of the contract.

  • In the event of a confirmed or suspected COVID-19 exposure of supplier employees supporting CyberPoint, suppliers should inform their CyberPoint POC (i.e., CyberPoint PMO, Program Manager, or Job Manager) the date of exposure as soon as possible. Information should include providing the person's identity, location/places frequented, and who may have been exposed.
  • Any supplier employees who are exhibiting symptoms described by the CDC or may have been exposed to coronavirus or have tested positive for COVID-19 virus should not come into client spaces or CyberPoint facilities. Supplier employees should continue to follow their own company's procedures regarding leave or other applicable policies.
  • NOTE: Some CyberPoint clients have stated that contractors and personnel who fail to comply with such direction and report to work symptomatic will be held accountable. Accordingly, we ask that you please emphasize the importance of avoiding client spaces or CyberPoint facilities if supplier employees are or could be symptomatic.
  • Once reported to CyberPoint, supplier employees shall stay home and take self-quarantine measures indicated by government health authorities.

CyberPoint will not collect any personal information from suppliers/supplier employees. We expect our suppliers to maintain the documentation necessary to comply with all national, federal, state, and local laws and requirements.

If a Client asks a supplier employee(s) to sign a certification of vaccination form (e.g., Office of Personnel Management Form OMB Control No. 3206-0277, Department of Defense DD Form 3150) to access their facility, supplier employees are required to comply to continue support the Client and should carry the certification with them while in the facility.
  • If required, the supplier employee should upload the certification into an approved government system (e.g., MyHR) or turn in the form to a designated government point of contact (e.g., Contracting Officer, Contracting Officer's Representative, civilian or military program manager).
  • As clients provide additional information and requirements specific to a contract or agency, the CyberPoint Program Manager and PMO will share that information directly with suppliers and modify the subcontract agreement as appropriate.
  • Important Note: If, for any reason, a supplier employee is unable to perform due to non-compliance to vaccination requirements, they must immediately report that to their CyberPoint Program Manager.

CDC and OSHA recommend using a combination of standard precautions, contact precautions, airborne precautions, and eye protection (e.g., goggles or face shields) to protect workers from exposure to the virus.

Here are the basics of how to wear a mask:
  • Clean your hands before you put your mask on, as well as before and after you take it off, and after you touch it at any time.
  • Make sure it covers both your nose, mouth and chin.
  • When you take off a mask, store it in a clean plastic bag, and every day either wash it if it's a fabric mask, or dispose of a medical mask in a trash bin.
  • Don't use masks with valves.
  • Read more about mask usage on the WHO website.
Working with masks
Woman wearing mask
Working with masks