- 
					PurposeNIST 800-171 provides security requirements for the protection of controlled unclassified information (CUI) on nonfederal systems. 
- 
					ConfidentialityNIST 800-171 is laser focused on confidentiality. Its requirements do not account for availability and integrity. 
- 
					System Security PlanNIST 800-171 requires a system security plan (SSP) demonstrating how the entity has implemented the security controls. 
- 
					NIST 800-53 & FIPS 200NIST 800-171's 110 security requirements are derived from NIST 800-53 and FIPS 200. 
- 
					14 Control FamiliesNIST 800-171 groups its security requirements into 14 families including access control, configuration management, and physical protection. 
- 
					NFO ControlsNIST 800-171's appendix includes 61 non-federal organization (NFO) controls. NIST tailored these controls out because they assume they are implemented. 
NIST 800-171A
Learn about NIST 800-171A and explore its assessment procedures.
CMMC 2.1
Learn about the CMMC and explore its requirements.
What is the purpose of NIST 800-171?
NIST 800-171 provides security requirements for CUI on nonfederal systems.
Why do I need to implement NIST 800-171?
How can I find training on NIST 800-171?
How many controls does NIST 800-171 have?
Where did the NIST 800-171 controls come from?
Where can I find a list of the NIST 800-171 controls?
CMMC Training
Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!
 
				