Attention all DoD Suppliers & prospective CMMC Clients:
On 9/29/2020 an interim rule was posted in the Federal Register which states that The Department of Defense (DoD) now has a requirement for all suppliers to complete a self-assessment to NIST SP 800-171 within the past three years, no later than November 30th, 2020.
That is just SIX WEEKS from now!!
Braxton-Grant Technologies is pleased to be able to offer a Self-Assessment Preparedness Program to help your organization successfully prepare for the required self-assessment; please inquire for pricing and details!
See www.braxtongrant.com , email firstname.lastname@example.org , or call 443-545-2052 ext. 7032
For our friends in Maryland, did you know that there may be funds available to help you comply with this deadline…
The Maryland Defense Cybersecurity Assistance Program (DCAP) provides funding and assistance for Defense Contractors to comply with the DFARS and NIST 800-171 Standards for cybersecurity. The program which provides funding and resources for companies to comply with the cybersecurity standard is funded by the Department of Defense’s Office of Economic Adjustment (OEA) through the Maryland Department of Commerce and is being coordinated by the MD MEP.
• Must be a Defense Contractor with a physical location in Maryland
• 10% or more DoD related business OR a contract/procurement request for compliance
For more information on this program, go to:
DFARS 252.204-7019: Notice of NIST SP 800-171 DoD Assessment Requirements
This new DFARS clause notifies the contractor that they are required to maintain a record within the Supplier Performance Risk System (SPRS). Each contractor will be required to maintain a current DoD Assessment within the system. This means that each contractor will need to have a Low, Medium, or High assessment completed at least every three years and ensure that it is properly reported within SPRS.
Click here to access the SPRS. If you do not have an account with SPRS, you will need to request access through the Procurement Integrated Enterprise Environment (PIEE). Click here to access the PIEE. You will need a certificate to register /authenticate to PIEE / SPRS.