Home Management Systems Information Security Management Systems NIST 800-171

NIST 800-171

Protect the confidentiality of controlled unclassified information in your nonfederal systems and organization.
Woman sitting at desk while on the phone and holding papers - NIST 800-171 - Cyber Security Framework | NSF

The NIST 800-171 guidelines define how to protect and distribute controlled unclassified information.

Following the Federal Information Security Management Act (FISMA), NIST 800-171 was created to improve information security for controlled unclassified information (CUI). CUI is sensitive and relevant U.S. government information not strictly regulated by the federal government.

However, in conjunction with the Defense Federal Acquisition Regulation Supplement (DFARS), any organization or agency that processes, stores or distributes CUI for the DoD, GSA, NASA or any other federal or state agencies must be incompliance with NIST 800-171.

NSF-ISR's team has extensive technical expertise with security assessment activities in both physical and logical environments, and we work to address information security needs across many industries. Let our team of experts help you assess and document your compliance with NIST 800-171.

Meet NIST 800-171 Assessment Requirements for DoD Contractors

A new U.S. Department of Defense (DoD) rule requires all contractors to have a current NIST 800-171 assessment posted in the DoD’s Supplier Performance Risk System (SPRS) in order to receive a contract award.

The NIST 800-171 and Cybersecurity Maturity Model Certification (CMMC) framework assessments help to ensure the implementation of security controls and the safeguarding of CUI in the defense industrial base.

Ready to Begin the Process?

Contact us with questions or to receive a quote.

Row of servers - Information security | NSF

NSF-ISR's Basic Security Assessment

Information security is a concern for everyone, and we believe that all businesses can benefit from a comprehensive security assessment. Whether you're looking for a one-time audit or working toward certification, NSF-ISR's Basic Security Assessment is the starting point.
Get Started Today

Resources

Think Your Company’s Chief Information Security Officer Is Super Busy? | NSF

Think Your Company’s Chief Information Security Officer Is Super Busy?

Equifax’s Jamil Farshchi deals with three to four million cyberattacks each and every day.

Read more

Businessman presenting in the conference - Your Remote Audit Questions Answered | NSF International

Your Remote Audit Questions Answered

Sanjay Shetgar answers the most frequently asked questions about remote audits following the successful NSF webinar on the topic.

Read more

Auditors recording data in recycling plant - R2 to R2v3 Certification Transition Preparation | NSF

Are You Preparing for the Responsible Recycling Version 3 (R2v3) Transition?

Don’t be caught unprepared for R2v3, especially if you have downstream vendors.

Read more

1 of
See More

We're Here To Help