<img src="https://ws.zoominfo.com/pixel/cEO5AncHScwpt6EaX0mY" width="1" height="1" style="display: none;">
Skip to main content

Celerium Announces NIST 800-171 Assessment Q&A Website

December 15, 2020


The website provides answers to common questions related to NIST 800-171 assessments and the U.S. Department of Defense Supplier Performance Risk System (SPRS), with information provided by Celerium as well as the Defense Contract Management Agency 


EL SEGUNDO, Calif. -- The CMMC Academy, an initiative of Celerium Inc., today announced the launch of its NIST 800-171 Q&A website, which was created to help suppliers to the U.S. Department of Defense get answers to common questions about NIST 171 standards, and the DoD assessment methodology that went into effect as of November 30, 2020.

The recent DFARS rule update from the U.S. Department of Defense has a major emphasis on NIST 800-171. Defense contractors will need to provide a NIST 800-171 self-assessment and upload it to the SPRS site in order to be eligible for future contracts or to execute options on existing contracts.

The NIST 800-171 Q&A website provides answers to many questions related to 171, including general questions as well as questions related to specific topics such as NIST 171 vs. CMMC, CUI, SPRS, small business, and scoring and assessments. As of December 15, more than 100 questions are answered on the Q&A site. Much of the information posted on the site comes from the Defense Contract Management Agency, which covers the application of cybersecurity contract requirements and policies supporting NIST 800-171 audits.

The CMMC Academy also facilitated two webinars to provide information related to the updated NIST 800-171 guidelines:

  • A webinar on November 10, co-sponsored by Steptoe & Johnson LLP, provided an overview of the interim DFARS rule and associated methodology, as well as an assessment discussion and Q&A focused on how NIST 800-171 reviews and audits will be performed with John Ellis, Director of the Software Division at the Defense Contract Management Agency.
  • Because of the high volume of questions that came in for the November 10 webinar, the CMMC Academy hosted a follow-up webinar with Mr. Ellis on December 8 to provide more insights into NIST 171 assessments, including questions related to SPRS, scoring, NIST and small business, how NIST 171 relates to CMMC, and more.

A free NIST 800-171 assessment tool is also available from the CMMC Academy to help defense suppliers facilitate their self-assessment. This is an Excel-based tool that can be securely saved with password protection.

“Compliance with NIST 800-171 is crucial to securing the defense supply chain as quickly as possible, especially as CMMC rolls out over the next five years. The CMMC Academy provides valuable tools to the defense community to help provide information and clarification related to DoD’s cybersecurity initiatives. With this NIST Q&A site, we’re providing answers to more than 100 questions that defense suppliers have about the updated NIST requirements – from how to use SPRS to legal questions related to NIST 171,” said Tommy McDowell, General Manager of Celerium. “This information is crucial to the proper implementation of NIST 171, and we’re proud to be able to provide these resources.”  

Celerium’s NIST 800-171 Q&A site is available here. Questions are being accepted via email, and email updates from the Q&A site are available to those who sign up.


About Celerium

Celerium® is focused on improving supply chain cyber defense within critical infrastructure industries, including the defense, aviation, and automotive industries. Its Cyber Defense Network™ (CDN) family of solutions empowers organizations to defend and protect against cyber threats via cyber threat intelligence and threat sharing tools

Celerium is a leading supplier of cyber threat intelligence and cyber threat sharing solutions for critical infrastructure organizations serving the defense, aviation, and automotive industries.

Celerium also powers the next generation of information-sharing organizations, including ISAOs and ISACs. Relied on by government agencies, enterprise risk management teams, CISOs, and SOC analysts, Celerium provides cyber defense solutions to help organizations defend and protect against threats. Learn more at www.celerium.com.


Lyndsi Stevens
(850) 582-5351