Why Defense Industrial Base (DIB) Scores Matter?
- Required for existing contracts
- Understand your contract to make sure you know if the requirements are pre or post award
- Foundational Level are what companies are expected to have in place now
- DFARS 7012, 7019 and 7020 still apply
- FAR 17 controls still hold (NIST 800-171)
- DFARS 7019 requires a self-assessment and accurate reporting of your Supplier Performance Risk System (SPRS) score
- DoD is perusing False Claims Act if you are not abiding by the regulation
- CMMC 2.0 Level 1 is the same as CMMC 1.0 Level 1
- We believe your work at the Foundational Level (CMMC 2.0 Level 1) should be performed in such a manner to prepare you form CMMC 2.0 Level 3.
-
- This means having documented and implemented policies and procedures as evidence
- This documentation will make it easier for you to do your future self-assessments
-
- You are responsible for ensuring that your sub-contractors are compliant
-
- If your sub cannot do the basics you may want to look elsewhere
- You could possibly “enclave” them into your environment if they cannot get their act together
-
- One person companies still must comply at Level 1 and possibly higher
-
- We have had a great deal of success with very small companies as well as larger organizations
-
DO NOT IGNORE THESE REQUIREMENTS – The Goal is to protect the DIB