Sign up to save your podcasts
Or
Share SPRS and You: Managing DOD Cybersecurity Expectations
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SPRS and You: Managing DOD Cybersecurity Expectations
Send us a text
We just dived deep into the Department of Defense's NIST SP 800-171 assessment requirements. This is crucial for any contractor involved with DoD contracts, especially when it comes to cybersecurity. Here are three key takeaways:
- Assessment Frequency: If you're implementing NIST SP 800-171, make sure you have a recent assessment conducted within the last three years for every covered information system tied to DoD contracts.
- Assessment Levels: There are three types of DoD assessments - Basic, Medium, and High. Understanding which level applies to you and how to proceed can make or break your eligibility for DoD contracts. The details for each can be found in another key document, the NIST SP 800-171 DoD Assessment Methodology.
- Reporting Requirements: Once your assessment is complete, post your summary level scores in the Supplier Performance Risk System (SPRS). This is a mandatory step to demonstrate your commitment to cybersecurity, and remember, time is of the essence – scores need to be posted within 30 days of assessment completion.
🔗 If you’re involved in defense contracting, keeping up with these requirements is non-negotiable! Tune into our latest episode for the full breakdown and stay ahead in the ever-evolving landscape of cybersecurity standards.
For the official CMMC documentation, click this link: https://dodcio.defense.gov/cmmc/Resources-Documentation/
#DefenseContracting #Cybersecurity #NISTSP800171 #DOD #CMMCNews #PodcastHighlights
Support the show
View all episodes
By Wilson Bautista Jr.Send us a text
We just dived deep into the Department of Defense's NIST SP 800-171 assessment requirements. This is crucial for any contractor involved with DoD contracts, especially when it comes to cybersecurity. Here are three key takeaways:
- Assessment Frequency: If you're implementing NIST SP 800-171, make sure you have a recent assessment conducted within the last three years for every covered information system tied to DoD contracts.
- Assessment Levels: There are three types of DoD assessments - Basic, Medium, and High. Understanding which level applies to you and how to proceed can make or break your eligibility for DoD contracts. The details for each can be found in another key document, the NIST SP 800-171 DoD Assessment Methodology.
- Reporting Requirements: Once your assessment is complete, post your summary level scores in the Supplier Performance Risk System (SPRS). This is a mandatory step to demonstrate your commitment to cybersecurity, and remember, time is of the essence – scores need to be posted within 30 days of assessment completion.
🔗 If you’re involved in defense contracting, keeping up with these requirements is non-negotiable! Tune into our latest episode for the full breakdown and stay ahead in the ever-evolving landscape of cybersecurity standards.
For the official CMMC documentation, click this link: https://dodcio.defense.gov/cmmc/Resources-Documentation/
#DefenseContracting #Cybersecurity #NISTSP800171 #DOD #CMMCNews #PodcastHighlights
Support the show