Why You Need to Start Now
Effective Nov. 30th, 2020, the Department of Defense (DoD) issued an interim rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement a DoD Assessment Methodology to assess contractor implementation NIST SP 800-171 to enhance the protection of Controlled Unclassified Information (CUI) within the DoD supply chain.
Compliance and Documentation is Key to Obtaining an Optimal Score
At this point, DoD Contractors should have a documented System Security Plan (SSP) and Plan of Actions & Milestones (POA&M) that demonstrates their efforts to be fully compliant with NIST SP 800-171. These documents are necessary to be able to receive an optimal score from the self-assessment using the new DoD Assessment Methodology. If your organization does not already have these documents, InfusionPoints can help every step of the way.
Ready to Start? Here's How:
Complete these steps to receive your score:
- Establish the scope and boundary of your information system that processes, stores, and transmits CUI.
- Conducting a self-assessment or with an advisor for every control in the CUI information system
- Total your score leveraging the DoD Assessment Methodology
- Submit the following information to the Supplier Performance Risk System (SPRS):
- Security plan name (if more than one system is involved)
- CAGE code associated with the plan
- A brief description of the plan architecture
- The Date of the assessment
- Your total score
- The date a score of 110 will be achieved (if the score is not 110)
Don't Stress - We've Helped Hundreds of DoD Contractors.
InfusionPoints specializes in helping DoD contractors continue to do work with the government by offering professional cybersecurity solutions and services. You can benefit from having experts on your team to find out your score and learn how to move forward
Want a quick estimate of your score? Fill out the form below!
- 252.204-7000 Disclosure of Information.
- Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041)
- NIST SP 800-171 DoD Assessment Methodology, Version 1.2.1, June 24, 2020
- NIST SP 800-171 Rev. 2 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations