Purchase CMMC or use your DIBBS or SAM Navigator credentials to login
HomeCMMC OverviewAssessment ToolSysten Security PlanSubmit by Email
Submit by Posting in SPRSRegister in PIEE Register in SPRSPurchaseContact Us
Submit by Posting in SPRS

A CMMC Self-Assessment can be posted directly on SPRS as required by setting up or using an existing PIEE account to access.

The process of posting is simple, in that you only need to post a few pieces of information into your account on the SPRS website. In order to do this you must first

  1. Conduct a CMMC Audit according to the NIST SP 800-171 procedures. Click here.
  2. Set up account in PIEE click here for help in setting up account.
  3. Set up SPRS account in your PIEE account click here for help in setting up account.

When these are completed, be prepared to enter the following information in the SPRS site.

  1. CAGE Code
  2. Company Name – this needs to be entered precisely as it is listed in your CAGE code record
  3. Confidence Level – if you are doing a self-assessment, your level will be Basic. The higher levels of Medium and High generally require hiring a third party trained assessor.
  4. Assessment Standard – this is the NIST standard you used for your assessment. The overall standard is NIST SP 800-171. Evolving versions of this will be indicated by a revision number at the end of the standard (Ex: SP 800-171 rev2)
  5. Date of Assessment – date you completed the Assessment
  6. Score - enter your Assessment score. Almost all scores will be a negative number. DO NOT BE CONCERNED with what your score is. At this point, the government in primarily interested in getting businesses to assess their cybersecurity status and map out ways to improve
  7. System Security Plan – in your assessment you likely complied with some of the requirements and did not comply with others. The government wants you to comply with as many of these as possible. Your Security Plan consists of how you plan to create compliance with those Requirement currently not complied with. The entry in this field is simply the name of your Security Plan (ex: ABC Company CMMC Security Plan)
  8. Date of Completion – The date when your SSP will be completed.

The actual entry process involves only logging into your SPRS account here and filling in the fields presented to you on the NIST SP 800-171 Assessment pages.

Additional Resources

  1. SPRS Quick Entry Guide
 
 
©Copyright 2021 DIBBSNav, LLC