The NIST 800-171 guidelines define how to protect and distribute controlled unclassified information.
Following the Federal Information Security Management Act (FISMA), NIST 800-171 was created to improve information security for controlled unclassified information (CUI). CUI is sensitive and relevant U.S. government information not strictly regulated by the federal government.
However, in conjunction with the Defense Federal Acquisition Regulation Supplement (DFARS), any organization or agency that processes, stores or distributes CUI for the DoD, GSA, NASA or any other federal or state agencies must be incompliance with NIST 800-171.
NSF-ISR's team has extensive technical expertise with security assessment activities in both physical and logical environments, and we work to address information security needs across many industries. Let our team of experts help you assess and document your compliance with NIST 800-171.
Meet NIST 800-171 Assessment Requirements for DoD Contractors
A new U.S. Department of Defense (DoD) rule requires all contractors to have a current NIST 800-171 assessment posted in the DoD’s Supplier Performance Risk System (SPRS) in order to receive a contract award.
The NIST 800-171 and Cybersecurity Maturity Model Certification (CMMC) framework assessments help to ensure the implementation of security controls and the safeguarding of CUI in the defense industrial base.