Skip to Content

NIST SP 800-171 Information

SPRS provides storage and access to the NIST SP 800-171 assessment scoring information. The NIST SP 800-171 Assessments module contains assessment date, score, scope, plan of action completion date, Included Commercial and Government Entity (CAGE) code(s), System Security Plan (SSP) name, SSP version, SSP date, and confidence level.

To access the NIST SP 800-171 Assessments module users must be registered in the Procurement Integrated Enterprise Environment (PIEE) and be approved for access to SPRS. A “SPRS Cyber Vendor User” role is required for companies to enter/edit basic self-assessment information. If a record header for the Highest Level Owner (HLO) does not exist, one may be created. Once the HLO header has been created, assessments for CAGEs who fall within the HLO hierarchy may be added by selecting the button.

The NIST SP 800-171 Basic Assessment cannot be performed in SPRS, SPRS only stores the results of NIST SP 800-171 Assessments.For preparation information including the assessment methodology refer to the Defense Pricing and Contracting (DPC) Cyber page at Policy - Safeguarding Covered Defense Information and Cyber Incident Reporting. Questions regarding conducting your NIST SP 800-171 assessment should be directed to your Program Office or Contracts representative or the Defense Contract Management Agency (DCMA) general mailbox listed here: DCMA_7012_Assessment_Inquiry@mail.mil.

Reference Materials

SPRS NIST SP 800-171 Entry Tutorial

Watch Tutorial

This tutorial goes over entering and editing the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 Assessment records within SPRS.

View or Print PowerPoint   Transcript

Viewing NIST SP 800-171 Assessments

Watch Tutorial

This tutorial describes viewing National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171.

View or Print PowerPoint     Transcript

Tools for Responsible Awards Logo for Supplier Performance Risk System.

Go to Top