Notice to DLA Suppliers: Export-controlled technical information is Controlled Unclassified Information (CUI)/Controlled Technical Information (CTI). DLA suppliers seeking export-controlled technical data for DLA procurement opportunities must have a current National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 cybersecurity assessment (i.e., not more than 3 years old unless a lesser time is specified in the solicitation) posted to the DoD Supplier Performance Risk System (SPRS) to be considered for award. DLA Suppliers who currently have an approved Enhanced Joint Certification (JCP) but have not posted their NIST SP 800-171 assessment to SPRS will not be able to access export-controlled technical data in DLA’s technical data repository after 16 August 2021. Instructions for posting an assessment on SPRS can be found at https://www.sprs.csd.disa.mil/. For additional information on NIST SP 800-171 assessments and other DoD requirements for safeguarding covered defense information please see DFARS Clause 252.204-7020 NIST SP 800-171 DoD Assessment Requirements. If you have any questions, please e-mail DLAJ344DataCustodian@dla.mil.
Posts Tagged NIST 800-171