Close this search box.

NIST 800-171

Safeguard Controlled Unclassified Information (CUI)

The Federal Acquisition Regulation (FAR) is a set of regulations that governs all acquisitions and contracting procedures associated with the U.S government, including those involved in supply chains tied to award-winning contracts. Getting or keeping such work means complying not only with DFARS but also the cybersecurity requirements set forth by NIST 800-171 whether you are the prime contractor or a sub .

The cybersecurity requirements within NIST 800-171 are designed to safeguard CUI in the IT networks of government contractors and subcontractors. It defines the practices and procedures that government contractors must adhere to when their networks process or store CUI.

Manufacturers that want to retain their DoD, GSA, NASA and other federal and state agency contracts need to have a plan that meets the requirements of NIST SP 800-171. DFARS cybersecurity clause 252,204-7012 went into effect on Dec. 31, 2017, and deals with processing, storing or transmitting CUI that exists on non-federal systems — such as those used by a government contractor.

Many manufacturers are unclear what they should do to implement NIST SP 800-171 and gain compliance with DFARS, and whether there are specialized resources available to help them achieve that milestone without preventable pitfalls. 

Columbia Advisory Group Security teams works with DoD and federal contractors in the implementation of a comprehensive cybersecurity program to meet and exceed the compliance requirements of the NIST 800-171 standard and the maturity levels to achieve the Cybersecurity Maturity Model Certification.

NIST 800-171 segments

Manufacturers may view the cybersecurity requirements for government contracts as too complicated and overwhelming.  Columbia Advisory Group has a rich history of moving organizations both large and small from non-compliance to compliance across the 14 control families defined by NIST 800-171 listed below:
As certified cybersecurity & compliance experts (CISSP, CIA, CISA, CEH, PMP, etc.), NIST 800-171 readiness is one of our focuses. Columbia Advisory Group continuously prepares organizations for NIST 800-171 compliances so that they are able to participate in federal contracting and supply chain.

More than Compliance Readiness

Columbia Advisory Group’s managed compliance services will not only take you through the compliance readiness process but also ensures your organizations abides by regulatory requirements, certification bodies in preparation for third-party audits against security standards and cyber-insurance renewals.
Columbia Advisory group delivers unified security & compliance reporting that allows your business to track its readiness against any security or risk-based standard in real time.

Ready to Talk with an Expert?

Learn how we align our exceptional experience as a leading IT Managed Service Provider to bring measurable benefits to your organization