CybersecurityFlows Down to Subs

DFARS 252.204-7019Notice of NIST SP 800-171 DoD Assessment Requirements

Overview

This clause requires contractors to have a current NIST SP 800-171 assessment on record in the Supplier Performance Risk System (SPRS) before contract award. The assessment uses a 110-point scoring methodology and results must be posted to SPRS and kept current.

When Does This Apply?

Solicitations and contracts that include DFARS 252.204-7012 and require a current NIST 800-171 assessment score in SPRS.

Key Requirements

1Post assessment score to SPRS before contract award
2Maintain current assessment (updated within 3 years)
3Allow DoD to conduct higher-level assessments if required
4Scores range from -203 to 110 based on gap analysis

Flowdown to Subcontractors

Yes — DFARS 252.204-7019 flows down to subcontractors. All subcontractors in the supply chain must comply with this clause when applicable.

Related NIST 800-171 Controls

3.12.1 3.12.2 3.12.3

Frequently Asked Questions

What is DFARS 252.204-7019?

DFARS 252.204-7019 (Notice of NIST SP 800-171 DoD Assessment Requirements) This clause requires contractors to have a current NIST SP 800-171 assessment on record in the Supplier Performance Risk System (SPRS) before contract award. The assessment uses a 110-point scoring me

Does DFARS 252.204-7019 flow down to subcontractors?

Yes, DFARS 252.204-7019 flows down to subcontractors. All applicable subcontractors must comply with this clause.

When does DFARS 252.204-7019 apply?

Solicitations and contracts that include DFARS 252.204-7012 and require a current NIST 800-171 assessment score in SPRS.

Related Guides

CMMC Compliance Guide→

Free Compliance Tools

🛡

CUI Auditor

Audit your tech stack for CUI handling gaps across 80+ enterprise tools.

🗺

CUI Flow Mapper

Map how CUI flows through your organization and identify spillage risks.

✅

FedRAMP Finder

Search 80+ FedRAMP-authorized products by category and authorization level.

Is your tech stack DFARS 252.204-7019 compliant?

Run our free CUI Auditor to check if your tools meet this clause's requirements.

Audit Your Tech Stack Free

Track DFARS 252.204-7019 compliance changes with AI-powered intelligence

Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.

Start Free — 90 Days

Discussion

Share your experience implementing this in your organization.

Join the Club to unlock joining discussions

Free membership — access intelligence, save your work, and more.

Create free account

← All DFARS Clauses

DFARS 252.204-7019Notice of NIST SP 800-171 DoD Assessment Requirements

Overview

When Does This Apply?

Solicitations and contracts that include DFARS 252.204-7012 and require a current NIST 800-171 assessment score in SPRS.

Key Requirements

1Post assessment score to SPRS before contract award
2Maintain current assessment (updated within 3 years)
3Allow DoD to conduct higher-level assessments if required
4Scores range from -203 to 110 based on gap analysis

Flowdown to Subcontractors

Yes — DFARS 252.204-7019 flows down to subcontractors. All subcontractors in the supply chain must comply with this clause when applicable.

Related NIST 800-171 Controls

3.12.1 3.12.2 3.12.3

Frequently Asked Questions

What is DFARS 252.204-7019?

Does DFARS 252.204-7019 flow down to subcontractors?

Yes, DFARS 252.204-7019 flows down to subcontractors. All applicable subcontractors must comply with this clause.

When does DFARS 252.204-7019 apply?

Solicitations and contracts that include DFARS 252.204-7012 and require a current NIST 800-171 assessment score in SPRS.

Is your tech stack DFARS 252.204-7019 compliant?

Run our free CUI Auditor to check if your tools meet this clause's requirements.

Audit Your Tech Stack Free

Track DFARS 252.204-7019 compliance changes with AI-powered intelligence

Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.

Start Free — 90 Days

Discussion

Share your experience implementing this in your organization.

Join the Club to unlock joining discussions

Free membership — access intelligence, save your work, and more.

Create free account