As used in this subpart--
Covered item means an item of information technology that is purchased for inclusion in a covered system, and the loss of integrity of which could result in a supply chain risk for a covered system (see section 806(e)(6) of Pub. L. 111-383).
Covered system means a national security system, as that term is defined at 44 U.S.C. 3542(b) (see section 806(e)(5) of Pub. L. 111-38). It is any information system, including any telecommunications system, used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency--
(1) The function, operation, or use of which--
(i) Involves intelligence activities;
(ii) Involves cryptologic activities related to national security;
(iii) Involves command and control of military forces;
(iv) Involves equipment that is an integral part of a weapon or weapons system; or
(v) Is critical to the direct fulfillment of military or intelligence missions but this does not include a system that is to be used for routine administrative and business applications, including payroll, finance, logistics, and personnel management applications; or
(2) Is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive order or an Act of Congress to be kept classified in the interest of national defense or foreign policy.
Information technology, in lieu of the definition at FAR 2.1, and supply chain risk, are defined in the clause at 252.239-7018, Supply Chain Risk.