NSF Logo
Contact us

NIST 800-171

Protect the confidentiality of controlled unclassified information in your nonfederal systems and organization.

The NIST 800-171 guidelines define how to protect and distribute controlled unclassified information.

Following the Federal Information Security Management Act (FISMA), NIST 800-171 was created to improve information security for controlled unclassified information (CUI). CUI is sensitive and relevant U.S. government information not strictly regulated by the federal government.

However, in conjunction with the Defense Federal Acquisition Regulation Supplement (DFARS), any organization or agency that processes, stores or distributes CUI for the DoD, GSA, NASA or any other federal or state agencies must be incompliance with NIST 800-171.

NSF-ISR's team has extensive technical expertise with security assessment activities in both physical and logical environments, and we work to address information security needs across many industries. Let our team of experts help you assess and document your compliance with NIST 800-171.

Meet NIST 800-171 Assessment Requirements for DoD Contractors

A new U.S. Department of Defense (DoD) rule requires all contractors to have a current NIST 800-171 assessment posted in the DoD’s Supplier Performance Risk System (SPRS) in order to receive a contract award.

The NIST 800-171 and Cybersecurity Maturity Model Certification (CMMC) framework assessments help to ensure the implementation of security controls and the safeguarding of CUI in the defense industrial base.

NSF-ISR's Basic Security Assessment

Information security is a concern for everyone, and we believe that all businesses can benefit from a comprehensive security assessment. Whether you're looking for a one-time audit or working toward certification, NSF-ISR's Basic Security Assessment is the starting point.
Get Started Today

Resources

Think Your Company’s Chief Information Security Officer Is Super Busy?
Article
Equifax’s Jamil Farshchi deals with three to four million cyberattacks each and every day.
Case Study: NSF-ISR Provides Full ISO/IEC 27001 Certification Remotely
Article
To become an ISO/IEC 27001 certified organization, a Texas-based data center needed an audit of its information security practices in the middle of a nationwide shutdown.
Cybersecurity Maturity Model Certification (CMMC) Assessments and What You Need to Know
Cybersecurity Maturity Model Certification (CMMC) Assessments and What You Need to Know
Video
Join Tony Giles, Rhia Dancel and Don McFarland as they discuss what management systems certified organizations need to know in preparation for CMMC assessments. The team covers CMMC levels 1-3, who is assessing, what Level 1 CMMC covers, what to expect in a CMMC assessment and a few new key updates.

Share this Article

How NSF Can Help You

Get in touch to find out how we can help you and your business thrive.