Compliance

SPRSSPRS Score

The Supplier Performance Risk System score (-203 to 110) reflecting a contractor's self-assessed compliance with NIST SP 800-171. Required for DoD contracts involving CUI.

Related Terms

NIST SP 800-171

The NIST standard specifying 110 security requirements for protecting CUI in non-federal systems. Forms the basis of CMMC Level 2 and DFARS 252.204-7012 compliance.

CMMC Level 2 (Advanced)

The mid-tier CMMC level requiring all 110 NIST SP 800-171 controls. Most contracts involving CUI require this level with third-party assessment.

POA&M

A document identifying security weaknesses, the planned remediation actions, required resources, and scheduled completion dates for achieving full compliance.

Related Guides

CMMC Compliance Guide→

← Back to Glossary