SPRS Submission Score Sheet
Supplier Performance Risk System - NIST SP 800-171 Assessment
Company Name
CAGE Code
DUNS Number
Assessment Date
Assessor Name
Assessor Title
95
Total SPRS Score (Range: -203 to +110)
Access Control (AC) - 22 Controls
20
AC.1.001
Limit information system access to authorized users
Fully Implemented
Partially Implemented
Not Implemented
+5
AC.1.002
Limit information system access to authorized processes
Fully Implemented
Partially Implemented
Not Implemented
+5
AC.1.003
Verify and control connections to external systems
Fully Implemented
Partially Implemented
Not Implemented
+5
AC.2.004
Control public access to information system
Fully Implemented
Partially Implemented
Not Implemented
+5
Audit and Accountability (AU) - 12 Controls
12
AU.1.001
Create and retain system audit logs
Fully Implemented
Partially Implemented
Not Implemented
+1
AU.2.002
Ensure audit events are compiled from multiple sources
Fully Implemented
Partially Implemented
Not Implemented
+1
System and Communications Protection (SC) - 13 Controls
13
SC.1.001
Monitor, control, and protect communications
Fully Implemented
Partially Implemented
Not Implemented
+1
SC.2.002
Implement cryptographic mechanisms
Fully Implemented
Partially Implemented
Not Implemented
+1
Submission Information
Submission Date
Next Assessment Due
POA&M Status
Current
Pending Update
Not Required
Contract Requirement
DFARS 252.204-7012
DFARS 252.204-7019
DFARS 252.204-7020
Generate SPRS Submission Report
Scoring Legend
Fully Implemented: Positive points awarded
Partially Implemented: No points awarded
Not Implemented: Negative points assessed