Have you received a self-assessment questionnaire related to Cybersecurity Maturity Model Certification (CMMC)? Many companies who supply parts for government contracts are required to provide a self-assessment to Supplier Performance Risk System (SPRS).
If you’ve been presented with a SPRS request, or realize you need proof of SPRS, we can help you comply. QualityIP offers a template that walks you through compliance, so you can continue to work on government contracts.
Let’s discuss the basics of SPRS and how it relates to CMMC.
What is CMMC?
CMMC is a Department of Defense (DoD) certification that reviews cybersecurity standards and best practices, assigning maturity levels and corresponding requirements. The purpose of CMMC is to reduce the risk of cyber threats and build upon existing Defense Federal Acquisition Regulations Supplement (DFARS).
Cybersecurity has never been more important and preventing security breaks is vital to the future. CMMC will continue to be communicated, so expect to see more about it going forward.
How does CMMC affect suppliers to government contracts?
CMMC is a supplier flow down risk model. The main manufacturer (the “prime”), who supplies the product to the government, vouches for their suppliers, who have to submit the appropriate information to prove due diligence. If you are a supplier for a company with a government contract, completing the self-assessment is the first step needed to continue work with these companies.
How does SPRS relate to CMMC?
Currently, companies are required to submit the self-assessment, which precedes the eventual mandatory compliance to qualify for government contracts.
What is SPRS?
Supplier performance risk system (SPRS) is the source used by the Department of Defense (DoD) to collect information during the self-assessment period.
How do I do the SPRS self-assessment?
To make self-assessment easier, QualityIP can provide a template that simplifies the paperwork required. We’re well versed in CMMC. We have the expertise to guide you through the process, so you can be assured you’re submitting the needed information toward compliance.
Once you have completed the self-assessment, you will know your self-assessment score. Based on your score from the SPRS system, you may be required to submit a plan of action and completion date to meet the required SPRS score of 110. QualityIP can assist you here as well. We can help map out a clear plan of action, with an according timeline. We can base that plan on your budget as well and provide an easy roadmap to follow.
Get Help with SPRS
QualityIP is your experienced IT partner. We can help you navigate CMMC and SPRS with confidence.
We’re an award-winning local IT company with the expertise to help. We’re familiar with all requirements of CMMC certification. We can help you complete your SPRS assessment and also obtain compliance with CMMC.