Secure your government contracts with an automated NIST 800-171 assessment workflow on Isora GRC.
Solutions for NIST 800-171
- NIST 800-171 Risk Assessment
Conduct a NIST 800-171 assessment and identify critical risks.
- Supplier Performance Risk System (SPRS) Score
Access scores based on the DoD Assessment Methodology.
- Plan of Action and Milestones (POA&M)
Export risks into a POA&M and work towards risk mitigation.
- Evidence Management
Collect and securely store evidence tied to control implementation.
- Automated Workflow
Save time with automated surveys, notifications, and reporting.
About NIST 800-171
The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 (NIST 800-171) is an information security framework that provides guidelines for protecting the confidentiality of controlled unclassified information (CUI) when stored in nonfederal information systems.
Several federal agencies require NIST 800-171.
The U.S. Department of Defense (DoD) requires all of its contractors to demonstrate compliance with NIST 800-171 as part of the Defense Federal Acquisition Regulation Supplement (DFARS) and the Cybersecurity Maturity Model Certification (CMMC).
More recently, Federal Student Aid (FSA), an office of the U.S. Department of Education (ED), gave notice of its intent to require NIST 800-171 as part of its proposed Campus Cybersecurity Program. The proposed program applies to all aspects of the administration of Title IV federal student aid programs and builds on the current requirements of the Gramm-Leach-Bliley Act (GLBA).
Related Regulations
Recommended
-
DFARS Interim Rule & Higher Education
The DFARS Interim Rule came into effect on September 29, 2020, and it affects Higher Education Institutions that conduct DoD-sponsored research
-
The NIST 800-171 Basic Assessment Complete Guide
The NIST 800-171 Basic Assessment is an interim requirement for all DoD contractors ahead of the CMMC. Plan your assessment with our complete guide.
-
CMMC 2.0 is Here: 6 Key Updates
The Department of Defense has released CMMC 2.0, introducing several new updates. Here are the six key takeaways contractors need to know
-
Everything about the Cybersecurity Maturity Model Certification (CMMC)
Everything you need to know about the CMMC, including its history, structure, requirements, and certification process. Updated for CMMC 2.0
-
The Complete Guide to Scoping FCI & CUI for NIST 800-171 & the CMMC
Scoping FCI & CUI and building an enclave is necessary to make compliance more efficient and cost-effective. Read the guide. Updated for CMMC 2.0
-
The 5-Step Guide to Prepare for the CMMC
Getting certified for the CMMC can seem like a daunting task. Here are 5 fool-proof steps you should take. Updated for CMMC 2.0. Read the guide
Choose the easier way to conduct GRC assessments
