The Department of Defense (DoD) recently issued a final ruling that requires contracting officers to consider supplier risk assessments in the Supplier Performance Risk System (SPRS) when evaluating offers. This ruling is an effort to improve the cybersecurity of the defense industrial base (DIB) by encouraging contractors to implement strong cybersecurity measures and effectively manage their supply chains.
Under the old DFARS 7019 ruling, contractors were required to enter their score into SPRS with the assumption that contracting officers might be checking to confirm the score was in there before the decision was made to award a contract.
Contracting officers are now instructed by the final rule to consider assessments, if available, in determining contractor responsibility through the new solicitation provision called DFARS 252.204-7024, effective March 22, 2023. The new ruling makes checking the score a requirement before awarding a contract.
One of the key ways that contractors can improve their SPRS score, and therefore their chances of winning DoD contracts, is by completing a NIST 800-171 assessment. This assessment is a set of cybersecurity standards developed by the National Institute of Standards and Technology (NIST) that contractors must meet in order to do business with the DoD.
However, completing a NIST 800-171 assessment can be a complex and time-consuming process. That’s where Systems Management Enterprises (SME) comes in. SME is a leading provider of cybersecurity and compliance solutions for government contractors, and they can help contractors navigate the NIST 800-171 assessment process and improve their SPRS score.
SME offers a comprehensive suite of services designed to help contractors meet NIST 800-171 requirements and improve their cybersecurity posture. These services include:
- NIST 800-171 Compliance Assessment: SME’s team of cybersecurity experts will conduct a thorough assessment of your organization’s current cybersecurity posture and identify any gaps or vulnerabilities that need to be addressed to meet NIST 800-171 requirements.
- Plan of Action and Milestones (POAM) Development: SME will help you develop a comprehensive POAM that outlines the steps you need to take to address any gaps or vulnerabilities identified during the compliance assessment.
- Cybersecurity Policy Development: SME can help you develop and implement cybersecurity policies and procedures that meet NIST 800-171 requirements and align with your organization’s overall cybersecurity strategy.
- Employee Training and Awareness: SME can provide cybersecurity awareness training to your employees to help them understand their role in protecting sensitive information and preventing cyberattacks.
By partnering with SME, contractors can improve their SPRS score and demonstrate to the DoD that they are taking cybersecurity seriously. SME’s team of cybersecurity experts can help contractors navigate the complex world of cybersecurity compliance and ensure that they are meeting all relevant standards and regulations.
Contractors can improve their chances of winning DoD contracts by completing a NIST 800-171 assessment and improving their SPRS score. SME can help contractors navigate the assessment process and improve their cybersecurity posture, ensuring that they are well-positioned to compete in the DIB. Contact us to today to get started!