Special Notice

Portland District USACE – Notice to Industry: Anticipated Requirement for CMMC Level 2 (Self-Assessment) on Future Contract Actions

🏢 DEPT OF DEFENSE 📅 Posted 2025-12-19
The Portland District, U.S. Army Corps of Engineers (USACE), provides this Notice to Industry to inform current and prospective contractors that most future contract actions issued by the District are expected to require Cybersecurity Maturity Model Certification (CMMC) 2.0 Level 2 (Self-Assessment). This notice is informational only and does not constitute a solicitation, request for proposal, or request for quote. In alignment with Department of Defense implementation of CMMC 2.0, contracting officers are required to include applicable CMMC levels in solicitations and to verify that an offeror’s current CMMC status (self-assessment or certification, as required) is recorded in the Supplier Performance Risk System (SPRS) as a condition of award. For most Portland District requirements, offerors will be expected to have completed a CMMC Level 2 self-assessment in accordance with NIST SP 800‑171 requirements, scored using the CMMC Level 2 assessment methodology, and entered their score and affirmation in SPRS prior to award. The following provisions and clauses may be included in forthcoming solicitations and are available here: https://www.acquisition.gov/ Defense Federal Acquisiti...

Notice ID: 04ee1135089b4db7ba06e836501eeb3d · View on SAM.gov ↗

Explore more federal-contracting data

Browse opportunities by NAICS code · set-aside category · state & jurisdiction · buying agency

Win more federal contracts

BidChamp gives small businesses AI-powered bid writing, document analysis, and recompete forecasting - for free during your trial.

Sign up free - 14-day trial, card at signup