Secure your government contracts with an automated NIST 800-171 assessment workflow on Isora GRC.
Conduct a NIST 800-171 assessment and identify critical risks.
Access scores based on the DoD Assessment Methodology.
Export risks into a POA&M and work towards risk mitigation.
Collect and securely store evidence tied to control implementation.
Save time with automated surveys, notifications, and reporting.
The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 (NIST 800-171) is an information security framework that provides guidelines for protecting the confidentiality of controlled unclassified information (CUI) when stored in nonfederal information systems.
Several federal agencies require NIST 800-171.
The U.S. Department of Defense (DoD) requires all of its contractors to demonstrate compliance with NIST 800-171 as part of the Defense Federal Acquisition Regulation Supplement (DFARS) and the Cybersecurity Maturity Model Certification (CMMC).
More recently, Federal Student Aid (FSA), an office of the U.S. Department of Education (ED), gave notice of its intent to require NIST 800-171 as part of its proposed Campus Cybersecurity Program. The proposed program applies to all aspects of the administration of Title IV federal student aid programs and builds on the current requirements of the Gramm-Leach-Bliley Act (GLBA).
The DFARS Interim Rule came into effect on September 29, 2020, and it affects Higher Education Institutions that conduct DoD-sponsored research
The Department of Defense has released CMMC 2.0, introducing several new updates. Here are the six key takeaways contractors need to know
This complete CMMC guide will review everything contractors need to know about CMMC, including its structure, requirements, and certification process.
Scoping FCI & CUI is a necessary step to make NIST 800-171 & CMMC compliance more feasible and cost-effective. Read the Complete Scoping Guide.
This comprehensive guide covers everything you need to know about the NIST 800-171 Basic Assessment and the steps you can take to build a compliance process.
Getting CMMC certified takes time and preparation. This guide covers the five practical steps to go from zero to certified