With the implementation of the DFARS Cybersecurity requirements that went into effect on November 30, 2020. A self-assessment score is required to be submitted to the DOD Supplier Performance Risk System (SPRS). This scoring system falls in line with the NIST 800-171 (similar to CMMC Level 3) security requirements which all government contractors and their sub-contractors are now required to implement into their normal business operations.
To assist in this process our team at Secure Halo has developed a self-assessment calculator that we use with our clients in assisting with their cybersecurity initiatives.
How it works?
The completion of each security control in the NIST 800-171 compliance process is given 1 point for completion with a required score of 110. Since each of the controls are not created equal you can lose up to 5 points for not implementing a control, so it is possible to obtain a negative score.
Also, some controls allow for a partial score if the control is partially implemented. Cybersecurity controls that have a possible score of -5 can have a partial score of -3 if partially implemented. Cybersecurity controls that have a possible implementation score of -3 can have a partial score of -1.
To start collecting your scoring information DOWNLOAD our tool here and, in the Implementation column simply select Incomplete, Partial, or Complete and your score will be automatically generated. We built this in Excel format so your organization can save your progress and continue through this process over time.
If you need cybersecurity assistance in your implementation progress the team at Secure Halo is standing by.