CMMC

Search

Understanding Your SPRS Score in Secureframe

What is an SPRS Score?

The Supplier Performance Risk System (SPRS) score is a numerical representation of your organization's cybersecurity posture based on NIST SP 800-171 requirements. For contractors handling DoD CUI (and other cases where DFARS requires it), your SPRS score is submitted to the DoD SPRS portal and directly impacts your ability to win and maintain federal contracts.

How SPRS Scoring Works

SPRS scoring starts at 110 and subtracts 1, 3, or 5 points for each NIST SP 800-171 requirement that is not fully implemented.

  • 110 — Maximum score, indicating all 110 NIST 800-171 security requirements are fully implemented
  • 0 — Baseline, no requirements implemented beyond basic safeguards
  • -203 — Minimum score, all requirements not implemented (worst case)

DoD allows limited partial credit for two requirements (MFA and FIPS encryption) with specific deduction rules.

Most organizations starting their CMMC journey have scores between -50 and 50. A score of 110 indicates full compliance with all NIST 800-171 requirements.

Requirement Status and Scoring

Your SPRS score is calculated based on the implementation status of each NIST 800-171 security requirement:

  • Implemented — Full points (requirement fully met)
  • Not Applicable — Full points (requirement doesn't apply to your environment)
  • Partially Implemented — Partial points for MFA and FIPS encryption only
  • Not Implemented — Points deducted from maximum score

Viewing Your SPRS Score in Secureframe

SPRS Score Dashboard

Navigate to your System Security Plan (SSP) and look for the SPRS Score on the right side of the page. This displays your live SPRS score based on requirement statuses.

Score Breakdown by Control

Go to System Security Plan → Control Implementation, and you will see each control listed in a table. This table displays the total number of implement assessment objectives, and your current score for that control based on the assessment objective statuses.

Need help? Contact support@secureframe.com or use the Help widget in the Secureframe app.

Was this article helpful?

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.