Thomas Gerke

Regional Manager

Orem, UT

In order for a commercial cloud service offering (CSO) to be used by a federal agency, the CSO must demonstrate FedRAMP compliance which is the ability to substantiate adherence to government security requirements outlined in NIST 800-53 and supplemented by the FedRAMP Program Management Office (PMO).

Help businesses read the cyber-related clauses and other instruction included in the solicitations they will bid on so they know the particular contracting officer’s requirements.
Encourage all businesses to go through the cyber self-assessment and post their score in SPRS.  It is good for their cyber hygiene to consider the 110 points included in the assessment and if/when they ever need to have a score in SPRS, they’ll be ready.  The requirement to list a score in SPRS does not include a minimum score that must be obtained for award so even businesses with a score of zero can receive an award.  The requirement is simply to post a score in SPRS.

I think it possible each agency will execute slightly differently at first so reviewing each solicitation for additional cyber-related guidance is a must.

NIST & CMMC Compliant

Datum Radix LLC DBA GoGov.US, a Consortium Network LLC Member.

DRX Transparent Logo.png

©2020 BY Datum Radix LLC DBA GoGov.US. under the Consortium Network LLC Holding Company. ALL RIGHTS RESERVED.  The Consortium Network and it's member LLC's are for profit Entities not associated with the Small Business Development Center (SBDC), Procurement Technical Assistance Center (PTAC), Florida International University (FIU), the Small Business Administration (SBA), Defense Logistic Agency (DLA) or any of it's stakeholders.