Enterprise Business Systems Supplier Information Resource Center

This notice provides an update to DLA-provided schemas for the upcoming VSM Web Service upgrades. 

1.    The DocumentRequest now uses a POST request. 

2.    The CAGECode field has been added (or the name modified) for the 3 web services which use POST requests—Shipment, Document, and Closeout (schemas attached).  CAGECode will be a required field.   

        Please utilize the attached schema titled:

                22APR2025 Updated FOBDocumentRequest.docx

                22APR2025 Updated FOBShipmentRequest.docx

                22APR2025 Updated FOBCloseoutRequest.docx

3.    The URLs for the 2 web services which use GET requests (Status and Address) have changed:

    {HOST}/RESTAdapter/VSM/FreeOnBoardStatusRequest?requestNumber=4000052269&CAGECode=ABCDE

    {HOST}/RESTAdapter/VSM/FreeOnBoardAddressRequest?requestNumber=4000052269&CAGECode=FGHJK

A start date for testing is not available at this time, however DLA will post an announcement when a date becomes available.

Questions regarding the VSM Web Services changes may be directed to: JSONWebServiceInquiry@dla.mil.

VSM Web Services Update to Mandatory Changes

DOD Cybersecurity Resources SBA Memo Jan 2025

In November 2023 and January 2024, DLA provided updates of the on-going development of the DLA Automated Records Traceability (DART) application.  The DART application provides contractors with a secure and easy-to-use process for uploading contractually required documentation, which can in-turn be accessed by DLA personnel and the Military Services.

We are happy to report that all programming and testing efforts have been successfully completed.  DART is ready for use!

The purpose of this notice is to provide information for frequently asked questions and encourage contractors that support the KC46 program to request DART access now in order to become familiar with the system.

Please follow this link for full details: DART Application

Questions can be sent to:  DLADART@dla.mil.

To enhance information security, DLA will be updating the DIBBS user terms and conditions within the next few days.  After updating, all DIBBS registered users will be prompted to accept the new terms and conditions the next time they log into the system.  Until the new terms and conditions are accepted, DIBBS users will not have their full access privileges. This notice will be updated with the effective date and links to view the new terms in conditions as soon as the new effective date is confirmed. The new terms and conditions can be viewed at:

DIBBS Super User (PDF)

DIBBS Subordinate User (PDF)

DLA has updated the VR PAR reason code population to closely align with common vendor inquiries. DLA is asking suppliers to select the appropriate PAR reason code based on the specific action needed to ensure the PAR is correctly assigned to the appropriate contract administrator. An updated PAR definitions document that provides suppliers with an explanation of each VR PAR reason code can be viewed at: VR Reason Code (DOCX)

The "Post Award Requests (PARs) in DIBBS" Job Aid has been updated to incorporate the updated VR PAR reason codes and is located with the Enterprise Business Systems Supplier Information Resource Center (SIRC).

Suppliers should utilize the Price Breaks and Minimum Order Quantity fields during the DIBBS quoting process in al cases when a quantity price break and/or minimum order quantity exists. This will allow DLA to enhance evaluation of the best value fr both the customer and suppliers based on the current projected forecast. Price Breaks (DOCX)

CMMC Notice Jan 2024 (DOCX)

The following changes of the quote form and batch quote/EDI will be incorporated with the next release of DIBBS changes. It is anticipated this will occur on or about 23 Feb 2024.

Major changes include:

Fields 014 thru 017 have been eliminated and are now RESERVED.

Fields 039 thru 043 have been eliminated and are now RESERVED.

Field 058 validations have changed.

Field 067 definitions have changed.

Field 071 has removed North Macedonia from the Non-Designated Country list.

Field 072 has added North Macedonia to the Designated Country list.

See link for the new batch quote instructions: DIBBS Batch File 23 Feb 2024 (DOCX)

FSG53 DIBBS Announcement (DOC)

The current requirements for cybersecurity, among others, include compliance with DFARS 252.204-7012, 252.204-7019, and 252.204-7020.  This includes the requirement for an active NIST SP 800-171 assessment score posted in the Supplier Performance Risk System (SPRS).

Cybersecurity Maturity Model Certification (CMMC), under DFARS 252.204-7021, is currently not required on any DLA acquisitions.  The CMMC DFARS clause is currently undergoing a rule-making process with the Office of the Secretary of Defense (OSD).  Changes to CMMC requirements in the DFARS will be released through an interim rule via an official Federal Register announcement.

DLA is aware of the potential conflict between anticipated CMMC requirements and our user terms and conditions.  DLA will work to resolve any conflicts once the CMMC requirements are finalized.  In the meantime, suppliers are reminded that using a VPN/Proxy server to mask internet usage/access violates the DLA Internet Bid Board System (DIBBS) and Collaboration Folders (cFolders) terms and conditions resulting in access denial to DIBBS, cFolders, and the Enhanced Joint Certification Program (EJCP).  To protect our supply chains, these terms and conditions are likely to continue until DLA implements multi-factor authentication.  

To view an information briefing on accessing DIBBS, cFolders, and export control technical data, see: Information Briefing on CAGE Code, DIBBS, cFolders, and EJCP Sept 21 (PPT).  If suppliers are unable to access their account due to DIBBS terms and conditions (T&Cs) violations, they should contact the DIBBS T&Cs monitor at: ( DIBBS_TC_Monitor@dla.mil).  For cFolders violations, contact the data custodian at:   DLAJ344DataCustodian@dla.mil.  Please continue to monitor DIBBS Notices for future updates.

The following changes of the quote form and batch quote/EDI will be incorporated with the next release of DIBBS changes. It is anticipated this will occur no earlier than 30 days from this notice. As the actual date becomes firm, it will be communicated.

Higher Level Quality Indicator

A new indicator has been incorporated to establish SAE AS9100. Field 117 will show this new indicator in the batch file. When this new value is indicated in the batch file, the appropriate response will be necessary in field 118. 

Higher Level Quality Code

New responses are incorporated due to the new indicator. Also, the previous indicators incorporate the new SAE AS9100 as a new response. Field 118 has been updated accordingly. 

See the link for the new batch instructions: DIBBS Batch File and EDI 864 File Format (DOCX)

DIBBS FAQs (PDF)

DLA Land and Maritime launched a new automated BOT process to analyze and accelerate processing of vendor requested cancellations for unilateral purchase orders on award numbers beginning with "SPE7L" or "SPE7M".

Cancellation modifications (SF30s) processed by the BOT will have the automated system's name in block 16 A and 16 B and cites the contracting officer's authority for the modification on the SF30 continuation page (see attached DOCX). In addition, the PAR will be reassigned and completed by the BOT.

Any issues with cancellation modifications processed by the BOT should be directed to the Contract Administrator by submitting a DIBBS Post Award Request (PAR) .

On or about September 1, 2022, the Defense Logistics Agency (DLA) will reactivate robotic process automation (RPA) technology to provide suppliers a monthly advanced notification letter for [1] contract awards created in the past 30 days and [2] contract deliveries due in the next 30 days.  The letter will include Excel attachments with applicable information.  The attachments will not be all inclusive and are focused on contract actions supporting on-time delivery metrics. Suppliers are encouraged to review these files to verify awards have been received and shipments are scheduled to meet on-time delivery.

A single notification letter will originate from the DLA activity having the majority of awards. See attached sample letter.  Advanced Notification Letter (DOCX)

Advanced Notification letters are generated from the following RPA BOT accounts: 

• svc_RPAPrd01@dla.mil
• svc_RPAPrd02@dla.mil
• svc_RPAPrd03@dla.mil
• svc_RPAPrd04@dla.mil
• svc_RPAPrd05@dla.mil
• svc_RPAPrd06@dla.mil
• svc_RPAPrd07@dla.mil
• svc_RPAPrd08@dla.mil
• svc_RPAPrd09@dla.mil
• svc_RPAPrd10@dla.mil
• svc_RPAPrd11@dla.mil
• svc_RPAPrd12@dla.mil
• svc_RPAPrd13@dla.mil
• svc_RPAPrd14@dla.mil
• svc_RPAPrd15@dla.mil

Please include the above email addresses on your safe senders list to avoid spam routing. If your company prefers to be excluded from receiving future DLA Award/Delivery Summary notices, please send an email to the DIBBS helpdesk at dibbsBSM@dla.mil with the subject line “Requesting removal from distribution DLA Award/Delivery Summary.”

Please direct contract-specific questions regarding a specific award, including delivery delays, to your assigned contract administration office by submitting a DIBBS Post-Award Request
(PAR), or by contacting the assigned DCMA office, if applicable.

Due to increasing geopolitical tensions, the Department of Homeland Security’s (DHS) Cyber and Infrastructure Security Agency (CISA) has issued a “Shields Up” advisory . The Defense Industrial Base is one of 16 official United States critical infrastructure sectors. Like the other critical infrastructure sectors’ leaders, we’re reaching out to encourage you to do three things.

1. Heed the advisory.

2. Report Cyber Incidents . DFARS 252.204-7012 stipulates a contractor’s requirement to rapidly report cyber incidents impacting Covered Defense Information (CDI) and/or the ability to perform operationally critical support within 72 hours of discovery to. For questions or more information, contact DCISE ( DC3.DCISE@us.af.mil or call the 24/7 Hotline at 1-877-838-2174).

3. Get Assistance and Partner. These three organizations can assist you.

• DoD Cyber Crime Center’s (DC3)
  DoD- Defense Industrial Base Collaboration Information Sharing Environment (DCISE); DC3.DCISE@us.af.mil; 24/7 Hotline – 1-877-838-2174
• National Security Agency’s Cybersecurity Collaboration Center (CCC)
• National Defense Information Sharing and Analysis Center (ND-ISAC)
  – ND-ISAC is the official ISAC for the DIB Critical Infrastructure Sector recognized by DoD and DHS. The ND-ISAC is a private sector self-organized and self-governing entity; it is a trusted partner providing exceptional technical solutions and support to its members. Please email Info@NDISAC.org to contact the team or see ND-ISAC’s public facing website
  .

Thank you for your continued support and collaboration.

Notice to DLA Suppliers: Export-controlled technical information is Controlled Unclassified Information (CUI)/Controlled Technical Information (CTI). DLA suppliers seeking export-controlled technical data for DLA procurement opportunities must have a current National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 cybersecurity assessment (i.e., not more than 3 years old unless a lesser time is specified in the solicitation) posted to the DoD Supplier Performance Risk System (SPRS) to be considered for award. DLA Suppliers who currently have an approved Enhanced Joint Certification (JCP) but have not posted their NIST SP 800-171 assessment to SPRS will not be able to access export-controlled technical data in DLA’s technical data repository after 16 August 2021. Instructions for posting an assessment on SPRS can be found at https://www.sprs.csd.disa.mil/ . For additional information on NIST SP 800-171 assessments and other DoD requirements for safeguarding covered defense information please see DFARS provision 252.204-7019 and clause 252.204-7020 NIST SP 800-171 DoD Assessment Requirements. If you have any questions, please e-mail DLAJ344DataCustodian@dla.mil

Contractors and grants recipients are reminded in most cases that registration in SAM is required in order to receive an award. SAM.gov registration is FREE. There is NO FEE to register or maintain your SAM.gov registration. If you get an email, text, or phone call from a company asking you to contact them right away about your SAM.gov registration or if you are asked to pay money to complete or renew your SAM.gov registration, be cautious. These messages are not from the Federal Government. You may complete or update your registration at www.sam.gov .

CMMC Notice (DOCX)

Land Supplier Ops Available Material (DOCX)