A Detailed Overview of Supplier Performance Risk System SPRS

Summary: It is important for every DoD contractor to upload its self-assessment results to the SPRS. This article talks about this process in detail.

The US Department of Defense (DoD) released an Interim Rule on September 29, 2020, related to the compliance of contractors to the National Institute of Standards and Technology Special Publication 800-171 (NIST SP 800-171). There are two important requirements mentioned in this Interim Rule including generation of self-assessment score, and uploading it to the Supplier Performance Risk System (SPRS).

What is SPRS?

The US DoD is keen to identify, monitor, and assess unclassified performance. The SPRS is an authoritative source containing the assessments related to the performance of the suppliers for the DoD acquisition community. The DoD acquisition professionals get a huge aid from this source in the form of: -

  • Quality classifications
  • On-time delivery score
  • Status of a company
  • NIST SP 800-171 assessments results
  • National Security System Restricted List
  • Supply Chain Illumination

How to Upload Basic Assessment Score to SPRS?

The SPRS is only capable of storing and retrieving the results of NIST SP 800-171 assessment results. The contractors should generate their self-assessment results by following the NIST SP 800-171 assessment methodology. After getting a result, the contractors are required to upload it to the SPRS through the Procurement Integrated Enterprise Environment (PIEE). The SPRS can only be accessed by the approved company personnel.

How to Access SPRS for Entering Assessment Score?

Every contractor requires the SPRS Cyber Vendor User role for the SPRS application in PIEE to enter its self-assessment score. The Contractor Account Administrator (CAM) associated with the CAGE of the contractor will review and approve its request after submission. You should get registered in PIEE to access the SPRS application. After registering on PIEE, you need to log in and click ‘My Account. After that, you need to click “Add Additional Roles”. Then, you have to complete different roles by following three steps including select the SPRS application, select the Cyber Vendor Role, and add roles. After that, you need to follow a prompt to complete the request. After submitting the request, you should wait for its approval. You can check the status of your account by clicking “manage roles” in “my account”.

Importance of SPRS

The US DoD has launched the SPRS application to provide data to the DoD Professionals about the performance of the contractors and vendors. The contractors are required to post their self-assessment score on the SPRS application to ensure their compliance with the NIST SP 800-171 to protect Controlled Unclassified Information (CUI). The SPRS contains information about this special publication. It is an application that aims to mitigate vendor threats. It also contains up-to-date supplier profile information on all the current DoD vendors. Apart from it, the SPRS application provides various reports to the DoD professionals including item risk, market research, risk analysis, supplier risk, supplier surveillance supply code relationship, summary, and solicitation inquiry reports.

Conclusion

The SPRS is an application that contains a bulk of shared data related to the performance of the suppliers working with the US DoD. The purpose of this application is to ensure the compliance of DoD contractors and vendors with the NIST SP 800-171 standards. The contractors are required to upload their self-assessment or basic assessment results on the SPRS via PIEE. In this article, the significance of the SPRS and how to access it are explained in detail.