1. Learn how to work with protected information:  What is CUI? 

  2. Create a Secure Environment for Work:  NIST 800-171r2   DFAR 252.204-7012   10 Steps    Heads Up, Defense Subcontractors! 

  3. Perform a Self Assessment   NIST 800-172A   DFAR 252.204-7019   Self Assessment Tool 

  4. Generate System Security Plan (SSP) and Plan of Action with Milestones (POAM).

  5. Obtain and publish SPRS score.   Worksheet

  6. Input score, SSP, and POAM into SPRS system.  800.171 Quick Entry Guide

  7. Provide SPRS score to Prime Contractor.

  8. Set up Two-Factor (MFA) Authentication. 

    Microsoft Resources:  What MFA is   Once Registered   Change Method   Register for Addition 

  9. As an alternative to trying to accomplish steps 2 through 4 above on your own, contact PreVeil to learn how they can help.  Learn more about Preveil here.  

  10. Create Preveil Enterprise Account.
  11. Start work!



If you need additional information, please email us at