CMMC News Flash for Defense Contractors

DOD: Failure to implement NIST 800-171 may be a material breach

The Department of Defense, (DoD), takes the protection of controlled unclassified information, (CUI), on contractor information systems seriously. On June 16, 2022, the DOD warned that failure to comply with DFARS 7012 and 7020 (submission to SPRS), may result in contract termination by your contract officers.

Contractors must implement the NIST 800-171 security measures at the time the solicitation is issued or authorized by the contracting officer. Failure to have or make progress on a plan to implement NIST 800-171 requirements may be considered a material breach of contract requirements.

Remedies for such a breach may include:

  • Withholding progress payments;
  • Foregoing remaining contract options; and
  • Potentially terminating the contract in part or in whole.

“Contracting Officers should consult with legal counsel as well as the program office or requiring activity to discuss appropriate remedies for the specific circumstances surrounding individual contracts.”

Cited from The Office Of The Under Secretary Of Defense

We can help you meet your NIST 800-171 requirements. 

Contact us if you have not submitted your NIST 800-171 assessment score to SPRS or are unsure if you have the accurate scope or score. 

Learn more DOD SPRS viewpoints from KLC Consulting President, Kyle Lai in the 40 minute video below. (view the transcript here)