SPRS

SPRS (Supplier Performance Risk System) is the DoD's online system where defense contractors submit their cybersecurity self-assessment scores. When you evaluate your company against the 110 NIST SP 800-171 requirements and calculate a score (ranging from -203 to 110), you enter that score into SPRS.

Contracting officers check your SPRS score before awarding contracts. A perfect score of 110 means you fully meet all requirements. Most companies start well below that and use a POA&M to track their path to full compliance. Your SPRS score, along with the date of your assessment and a brief description of your system, must be current and accurate.