How to Generate and Report Your Supplier Performance Risk System (SPRS) Scores

In observance of Cybersecurity Awareness Month (October), the Illinois Procurement Technical Assistance Center (PTAC) at Bradley University is offering a 3-part webinar series. Cybersecurity Awareness Month was recreated as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. Individuals and organizations have to do their part in protecting their cyberspace. This series of presentations introduces the DoD’s (US Department of Defense) cybersecurity evolution from NIST 800-171 to the new CMMC (Cybersecurity Maturity Model Certification). During the presentations, we will explore the DoD’s rationale for implementing this, but most importantly educate DoD suppliers as to how to navigate the requirement and understand the DoD’s expectations. If you are one of the 221,000+ suppliers to the DoD – whether big or small, whether prime or subcontractor, if you handle Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), you will need to become certified to bid on contracts, which became a requirement in early 2021. We will conclude with a complete path forward on becoming certified and explore why the process will likely take most organizations 6 months or more to become certified. Benefits of Attending: Understand what DFARS clauses require us to produce and report Supplier Performance Risk System (SPRS) scores Understand the DoD 800-171 Assessment Methodology and scoring system Understand how to perform a self-assessment using the scoring system Use a basic tool that will help generate a “quick and dirty” score (provided by Totem) Use the NIST 800-171A Assessment Objectives to generate a higher fidelity score over time Understand the requirements for access to the SPRS site Understand how to report your score once access is granted Our Speaker: Adam Austin, Lead Cybersecurity Engineer for Totem Tech, has a decade of experience securing classified and HIPAA-environment US Government IT systems, having worked with NASA, the Centers for Medicare and Medicaid (CMS), and the Department of Defense. He is currently a CMMC-AB Registered Practitioner (RP). Adam holds a Master’s Degree in Information Assurance from Capitol Technology University, and is an ISACA Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA). Adam’s goal is to leverage his experience and education to help small businesses implement affordable risk-based cybersecurity programs. Totem is a proud Veteran Owned Small Business.