The DFARS clause 252.204-7012 interim rule released on September 29, 2020 requires that all government contract wins issued to contractors are dependent on the contractor inputting a Supplier Performance Risk System (SPRS) score in the SPRS database system. The SPRS score is derived from a contractor’s score calculated based on the NIST SP 800-171 requirements that have been implemented. Your score in the SPRS database may be a consideration during the selection process.
DFARS Interim Rule Executive Summary
CMMC is being rolled out by DoD over the next 5 years. DoD expects the number of contracts with CMMC requirements to reach 75 by Fiscal Year (FY) 2022, 250 contracts by FY 2023, and 479 contracts in FY 2024. DoD expects all new DoD contracts to contain CMMC requirements starting in FY 2026. Looking forward, the DoD expects to have 1,500 contractors certified in FY 2021; 7,500 more in FY 2022; 25,000 more by FY 2023; and almost 48,000 by FY 2025. If you are not CMMC certified at the appropriate level prior to contract award, then working on DoD contracts will not be possible.