CYBERSECURITY

SUPPLIER COMPLIANCE


Let us Get Your Suppliers Compliant with the latest regulations.

CYBERSECURITY

SUPPLIER COMPLIANCE


Let us Get Your Suppliers Compliant with the latest regulations.

GET YOUR SUPPLIERS COMPLIANT WITH THE LATEST DEFENSE AND CYBERSECURITY REQUIREMENTS

Are you struggling to get your suppliers compliant with the latest Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7020 Cyber Security requirements per National Institute of Standards and Technology (NSIT) SP 800-171?

These are new regulations, and most tier 2 and tier 3 suppliers are not familiar with the NIST SP 800-171 assessment methodologies. 

GPSI will approach every supplier within your supply chain across the globe and will offer expertise and guidance to ensure they are compliant.

Military Fighter Aircraft Flying

HOW CAN WE HELP?

The process of getting compliant is time-consuming. Therefore, GPSI will provide you with the needed assistance to ensure all your suppliers are compliant while providing you with real-time progress.

Our approach consists of 3 easy steps:

  • Guide every supplier to complete a Basic Self-Assessment per NIST SP 800-171 DoD Assessment methodologies

  • Ensure that every supplier has submitted a summary level score into SPRS within a given time frame

  • Follow up with every supplier using a survey to ensure that they completed the above two (2) steps and met the compliance with DFARS 252.204-7020

HOW CAN WE HELP?

The process of getting compliant is time-consuming. Therefore, GPSI will provide you with the needed assistance to ensure all your suppliers are compliant while providing you with real-time progress.

Our approach consists of 3 easy steps:

  • Guide every supplier to complete a Basic Self-Assessment per NIST SP 800-171 DoD Assessment methodologies

  • Ensure that every supplier has submitted a summary level score into SPRS within a given time frame

  • Follow up with every supplier using a survey to ensure that they completed the above two (2) steps and met the compliance with DFARS 252.204-7020

Why Choose Us? Worldwide Reach Expertise Technological Resources Adaptability Responsiveness

Worldwide Reach

GPSI has operated over the last 15 years in 17 different countries

Expertise

GPSI is known within the defense industry and has worked with major Aerospace OEM’s, Tier 1 and Tier 2

Technological Resources

GPSI utilizes the latest technological resources to offer you real time reporting and efficiency.

Adaptability

GPSI can adapt to your need offering you flexibility and agility.

Responsiveness

GPSI provides you with a high Responsiveness rate to meet your need in a timely manner.

What are the requirements?

The NIST (National Institute of Standards and Technology) Special Publication 800-171 is a set of standards and requirements to safeguard the distribution of sensitive materials. The lasts DFARS clause 252.204-7020 defines the DoD assessment requirements based on the NSIT SP 800-171.

Who should be compliant?

All contractors and subcontractors of the U.S. Department of Defense (DoD) must implement, at a minimum, the security requirements stated by the NSIT SP 800-171. It is the contractors’ responsibility to make sure all their subcontractors are compliant.  

What are the consequences of not being compliant?

A non-compliance to the cybersecurity requirements or a missed deadline could affect the contractor’s relationship with the DoD and result in a loss of the contracts.

What are the required actions?

The following steps are required to enable a Prime Contractor to continue awarding Government subcontracts to a supplier without interruption:

  • Step 1

    Complete the Assessment

    You must have completed at least a Basic Assessment per NIST SP 800-171 DoD Assessment Methodology within the last three years for all applicable covered contractor information systems. A Basic Assessment is a self-assessment. If DCMA has already conducted a Medium or High Assessment for your organization and you received a score, you have completed this step.

  • Step 2

    Post Assessment Score

    If you completed a Basic Assessment, you must submit your summary-level score and other information required by 252.204-7020(d) into SPRS or send an encrypted email to the address webptsmh@navy.mil for posting to SPRS. If you have a Medium or High Assessment score, ensure you post your score to SPRS for all CAGE codes covered by your System Security Plan.

WHAT ARE THE CONSEQUENCES
OF NOT BEING COMPLIANT?

A non-compliance to the cybersecurity requirements or a missed deadline could affect the contractor’s relationship with the DoD and result in a loss of the contracts.

How did a major defense contractor get 98% of their suppliers compliant in 60 days.

Learn how a major department of defense contractor got 98% of their supplier base compliant with the latest Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7020 Cyber Security requirements in just 60 days, using the support of Global Partner Solutions.

They work with us: