NIST SP 800-171 & 800-53 Compliance
NIST SP 800-171 is a standard developed by the National Institute of Standards and Technology that was created for the sole purpose of protecting Controlled Unclassified Information (CUI) in non-Federal Information Systems and Organizations. It defines a comprehensive set of controls designed to safeguard information such as controlled technical information, or other information that would be described as CUI or Covered Defense Information.
For contractors actively performing business with the Federal Government, the Department of Defense Federal Acquisition Regulations Supplement (DFARS) requires that contractors be compliant with NIST SP 800-171. The deadline for compliance has passed as of December 31, 2017.
The main focus of NIST SP 800-171 is to protect Covered Defense Information (CDI) and Controlled Unclassified Information (CUI). All systems processing or storing this type of information should be assessed for compliance gaps.
Non-Federal Contractors and NIST Compliance
The NIST SP 800-171 and 800-53 control frameworks are two of the most battle-proven cybersecurity controls frameworks ever developed, and are consistently adapted to keep up with the modern-day threat landscape.
While DoD contractors are required to be compliant with these frameworks and other industries are not, several industries have adopted these frameworks as the baseline of their cybersecurity program to ensure their systems are safeguarded with the same standards as those working with Federal agencies. A few examples include the Financial and Healthcare sectors, which are both common targets for cyber criminals.
What areas are covered?
There are a total of 14 key areas / categories of controls covered by NIST SP 800-171 that need to be met in order to be compliant:
- Access Control
- Awareness and Training
- Audit and Accountability
- Configuration Management
- Identification and Authentication
- Incident Response
- Maintenance
- Media Protection
- Physical Protection
- Personnel Security
- Risk Assessment
- Security Assessment
- System and Communications Protection
- System and Information Integrity
How can Kinnectiv help with NIST SP 800-171 Compliance?
Our assessment methodology was developed to ensure full coverage of NIST SP 800-171 and NIST SP 800-53 controls, leaving absolutely no gaps in coverage. Our professionals have conducted a variety of assessments in a timely manner, no matter the size of the organization being assessed.
To find out more about how we can help your organization achieve NIST compliance, contact us today and someone from our team will get in touch as soon as possible.
Services Offered
- Compliance and Audit Gap Analysis
- Development of Policies and Procedures
- SSP - System Security Plans
- Implementation of Technical Controls
- Implementation of Administrative Controls
- Incident Response Plans
- Technology, Strategy & Budget Alignment and Support
- Procurement of Technologies & Services