Purchase CMMC or use your DIBBS or SAM Navigator credentials to login
HomeAssessment OverviewAssessment ToolSysten Security PlanSubmit by Email
Submit by Posting in SPRSRegister in PIEE Register in SPRSPurchaseContact Us
Cybersecurity Assessment Program
The US Government and the Department of Defense are deeply concerned about the cybersecurity of the drawings and specifications of the products and materials they buy and use. They are in the process of implementing a wide-reaching cybersecurity program that will impact all suppliers and manufacturers dealing with the federal government.
A program called CMMC (Cybersecurity Maturity Model Certification) is currently if very early stages of rollout and expects full implementation in 2025. CMMC will be based on the critical cybersecurity elements outlined by NIST in their SP 800-171. Preparatory to full CMMC implementation, the Department of Defense has implemented a program, based on the above NIST standards that is referred to as DoD Assessment.
The cornerstone of the DoD Assessment program is the performance of a cybersecurity Assessment for every contractor and the posting of that Assessment score on to the government SPRS site. The Assessment is intended to identify cybersecurity deficiencies and create a System Security Plan (SSP) for the correction of these gaps. The Assessment score is a single number and needs to be submitted to the government. The SSP is a document that stays internal to your business and is intended to be used to guide corrective action.
If you are doing business with the Department of Defense or expect to, now is the time to deal with the DoD Cybersecurity Assessment requirements. Many solicitations being issued now have these requirements (see DFARS 252.204.7019 and 7020) in them. If you are seeking access to Joint Certification Program (JCP) controlled documents, all new and renewal JCP applications require a DoD Assessment.
Importantly, meeting this Assessment requirement is not difficult for most businesses. The details of Assessment have been collected and distilled and can be accessed at the links below.
This Overview will explain the background and the basic steps in a compliant DoD Cybersecurity Assessment  
Provides a tool that lists all 110 NIST cybersecurity elements, has check box response for each and automatically calculates your Assessment score.
  This explains the details of how to prepare and maintain your System Security Plan.
  This explains the details of how to submit your Assessment score either by email or by posting directly into SPRS.
Reading the Overview will explain the process. If you wish to proceed further into the Assessment and Submission processes, you must purchase CMMC Navigator ($45 for 30 days). Click here to purchase. Your purchase will include 30 days of full access to DIBBS Navigator and SAM Navigator -- the best tools available for finding federal solicitations that match your business.
CMMC Navigator is a service provided by DIBBS Navigator
┬ęCopyright 2021-2022 DIBBSNav, LLC