« Back to Glossary Index
NDAA compliance means a product is free from components made by specific manufacturers that the US government has banned from federal procurement on national security grounds. While this started as a US rule, it is now a standard procurement requirement in UK critical infrastructure and security-sensitive enterprise procurement.
Section 889 of the NDAA specifically prohibits Huawei, ZTE, Hikvision, Dahua, and Hytera equipment in federal procurements. The requirement has expanded to UK public sector, NATO supply chains, and private enterprises with security-sensitive operations.
- Documentation required – supplier must provide written confirmation that no prohibited components are used in the product or its supply chain
- Applies to the full product – not just the finished device; component-level verification is needed
- UK CNI relevance – critical national infrastructure projects including transport, utilities, and government buildings increasingly mandate NDAA compliance
- FORS Gold / security accreditations – some scheme requirements reference NDAA-compliant camera systems