NIST SP 800-171 Compliance Whitepaper

Posted by Rick Palermo on Dec 17, 2018 10:02:46 AM

Problem Statement

In October, 2016 the Federal Government published Defense Federal Acquisition Regulation Supplement 252.204-7012 requiring all non-Federal entities doing business with the Department of Defense that process, store, transfer or have access to  controlled unclassified information (CUI) to be in compliance with the security requirements published in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800–171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. Contractors and their subcontractors were directed to implement NIST SP 800-171 standards no later than December 31, 2017. 

Read More

Topics: Ascolta, Risk, DFARS, NIST, Compliance

Risk Assessment

Posted by Rick Palermo on Aug 14, 2018 8:40:53 AM

This is the eleventh of a fourteen piece blog series intended to describe how Ascolta Greenfield environments achieve National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 Revision 1, Protecting Controlled Unclassified Information in Non-federal Systems, compliance.  This entry covers the controls contained in the Risk Assessment Policy and Procedures family.

Read More

Topics: DFARS, NIST, Compliance, Security, Risk, Assessment