Home Management Systems Information Security Management Systems NIST 800-171

NIST 800-171

Protect the confidentiality of controlled unclassified information in your nonfederal systems and organization.
Woman sitting at desk while on the phone and holding papers - NIST 800-171 - Cyber Security Framework | NSF

The NIST 800-171 guidelines define how to protect and distribute controlled unclassified information.

Following the Federal Information Security Management Act (FISMA), NIST 800-171 was created to improve information security for controlled unclassified information (CUI). CUI is sensitive and relevant U.S. government information not strictly regulated by the federal government.

However, in conjunction with the Defense Federal Acquisition Regulation Supplement (DFARS), any organization or agency that processes, stores or distributes CUI for the DoD, GSA, NASA or any other federal or state agencies must be incompliance with NIST 800-171.

NSF-ISR's team has extensive technical expertise with security assessment activities in both physical and logical environments, and we work to address information security needs across many industries. Let our team of experts help you assess and document your compliance with NIST 800-171.

Meet NIST 800-171 Assessment Requirements for DoD Contractors

A new U.S. Department of Defense (DoD) rule requires all contractors to have a current NIST 800-171 assessment posted in the DoD’s Supplier Performance Risk System (SPRS) in order to receive a contract award.

The NIST 800-171 and Cybersecurity Maturity Model Certification (CMMC) framework assessments help to ensure the implementation of security controls and the safeguarding of CUI in the defense industrial base.

Ready to Begin the Process?

Contact us with questions or to receive a quote.

Row of servers - Information security | NSF

NSF-ISR's Basic Security Assessment

Information security is a concern for everyone, and we believe that all businesses can benefit from a comprehensive security assessment. Whether you're looking for a one-time audit or working toward certification, NSF-ISR's Basic Security Assessment is the starting point.
Get Started Today

Resources

Think Your Company’s Chief Information Security Officer Is Super Busy? | NSF

Think Your Company’s Chief Information Security Officer Is Super Busy?

Equifax’s Jamil Farshchi deals with three to four million cyberattacks each and every day.

Read more

Man plugging in network wires - NSF-ISR’s Provides Full ISO/IEC 27001 Certification Remotely | NSF

Case Study: NSF-ISR Provides Full ISO/IEC 27001 Certification Remotely

To become an ISO/IEC 27001 certified organization, a Texas-based data center needed an audit of its information security practices in the middle of a nationwide shutdown.

Read more

Cybersecurity Maturity Model Certification (CMMC) Assessments and What You Need to Know

Join Tony Giles, Rhia Dancel and Don McFarland as they discuss what management systems certified organizations need to know in preparation for CMMC assessments. The team covers CMMC levels 1-3, who is assessing, what Level 1 CMMC covers, what to expect in a CMMC assessment and a few new key updates.

Read more

1 of
See More