Meet Your CMMC SPRS Requirements

KLC Consulting, your best CMMC SPRS consultant! Have you received letters from the DoD or your prime customer asking about your compliance status with DFARS 252.204-7012 • DFARS 252.204-7019 • DFARS 252.204-7020 (The Supplier Performance Risk System SPRS)? Then it’s likely that you handle Controlled Unclassified Information (CUI) and are NOW required to perform your NIST 800-171 self-assessment and submit its score with summary-level POA&M remediation plan information.

We offer affordable SPRS DoD Services to meet your needs:


Haven’t submitted your SPRS yet?

If you haven’t made your SPRS submission, we have a cost-effective solution for you! Within 4 weeks, we’ll help you develop all the required information and provide the guidance you need to make your DoD SPRS submission.

SPRS Review

Submitted to SPRS but lack confidence?

You’re not alone. According to the DoD Inspector Generals’ 2019 report, many companies lack the expertise to perform an accurate NIST 800-171 self-assessment. We will review your self-assessment to rebuild the foundation of your compliance program.

Call for an Introductory No-Cost Consultation: 617.314.9721  x158

CMMC SPRS Consulting: Here’s How We Work Together

KLC Consulting provides compliance help with your Supplier Performance Risk System SPRS submittal requirements per DFARS 252.204-7020
  • We conduct Zoom calls to analyze how your business operates.
  • Discern the CUI information you handle.
  • Use our proprietary “CUI Data Lifecycle” methodology to scope your CUI boundary, minimize its footprint and reduce your CMMC compliance cost.

1 Input & Creation of CUI

Review and document how it’s received and created.

2 Storage of CUI

Evaluate, inspect, and document processes and mechanisms.

3 Use of CUI

Examine who, what, where, why, and how of usage.

4 Share of CUI

How shared with prime contractors,
subcontractors and DoD.

5 Archive of CUI

Analyze methods and processes of archival and encryption.

6 Disposal of CUI

Evaluate contract requirements with
practices and processes.

SPRS DFARS 252.204-7020 Compliance Package

Let us help you report “In Compliance” to the DoD and your prime contractors.

Here’s the documentation package we prepare for you:

  • SSP documentation of existing NIST 800-171 baseline practices
  • POA&M (Plan Of Action & Milestones) for missing practices
  • Summary Assessment level score with worksheet
  • Debrief call to review our work and answer your questions

Prices start at $14,900 and vary by your in-scope factors, including the numbers of:

  • Physical locations and cage codes
  • Employees and citizenship
  • Systems, Devices, and applications

Now you’re ready to submit and report “In Compliance”

Video Transcript: The DoD’s SPRS and your DFARS 252.204-7020 requirements

[Paul] Today, we will talk about the DoD’s Supplier Performance Risk System SPRS reporting requirement. Kyle, what is it? Can you give a high-level explanation of what the DoDs SPRS is, please?

[Kyle] SPRS is a system hosted by the DoD (continues)

Watch our video discussion about the DoD’s SPRS and your DFARS 252.204-7020 requirements (continues)

The Next Step is to Remediate POAM Deficiences and Prepare for CMMC

Do You Sell Commercial Off The Shelf (COTS)?

If so, NIST 800-171 and CMMC Level 3 don’t apply. If you believe that what you sell to the DoD is COTS, we can help you prove it.

Check out our YouTube channel and LinkedIn pages for the latest informational and educational resources for Cybersecurity Maturity Model Certification.

KLC Consulting provides compliance help with your Supplier Performance Risk System SPRS submittal requirements per DFARS 252.204-7020

Check out our latest CMMC video…

“Do you have a Negative Score on Your NIST 800-171 Self-Assessment?” [Psst…we can help!]

Scroll to Top