DFARS 252.204-7019
Notice of NIST SP 800-171 DoD Assessment Requirements
Notice clause — informs offerors that they must have a current NIST SP 800-171 DoD Assessment posted in the Supplier Performance Risk System (SPRS) and that the assessment score will be considered as part of responsibility determinations.
Not flowed down (notice clause).
What this clause requires
- 1Have a current (within 3 years) NIST SP 800-171 DoD Assessment posted in SPRS.
- 2Self-assessment is acceptable (Basic Assessment); some procurements require Medium or High (third-party) assessments.
- 3Score is posted as a number out of 110 (each control implementation = +1 or partial credit per DoD methodology).
- 4Negative scores are possible when controls are weighted with deductions.
When this clause applies
Common pitfalls
Proposal-team checklist
- ☐Confirm current SPRS Basic Assessment score is posted; refresh if > 3 years old.
- ☐Reconcile SSP, POA&M, and SPRS score before submission.
- ☐Determine whether the solicitation requires Basic, Medium, or High Assessment.
Stop tracking clauses in spreadsheets.
BidCraft auto-detects every FAR / DFARS clause in your RFP, builds the compliance matrix, and structures the response. Try free.
Generate a Proposal →FAQ
What score do I need to win?
There is no fixed pass/fail. Higher scores are more competitive. Some agencies prefer 110 (perfect); many accept lower scores with a credible POA&M. Score impacts responsibility determinations.
Related clauses
Home · All FAR Clauses · Government RFP · Sample Proposal
Reference content based on the Federal Acquisition Regulation and DFARS as of June 2026. Always verify the current clause text at acquisition.gov before relying on it for an actual submission. Educational reference; not legal advice.