NIST 800-171 Compliance Checklist & Requirements

DoD Cybersecurity:
NIST 800-171/CMMC Compliance

Doing business with the US Department of Defense requires the protection of Controlled Unclassified Information (CUI) through NIST 800-171 compliance or the new Cybersecurity Maturity Model Certification (CMMC).

Government contractors who fail to protect the confidentiality, integrity, and availability of this information according to NIST 800-171 or CMMC compliance standards risk the loss of existing contracts or the ability to remain competitive on future contract bids.

What are the NIST 800-171 Requirements?

The National Institute of Standards and Technology (NIST) developed a Special Publication that provides requirements for protecting controlled unclassified information (CUI).  These NIST 800-171 requirements for government contractors are broken down into 14 compliance families which contain over 100 individual requirement statements (controls) and translate into over 300 assessment objectives on the part of a DoD contractor. 

If your organization currently executes a DoD contract or plans to bid on DoD contracts in the future, you need to start now to align the technical, managerial, and operational facets of your information system to the NIST 800-171 or CMMC requirements.

Check out our NIST 800-171 Compliance Checklist.

NIST 800-171/CMMC Compliance Solutions for DoD Contractors

As a small business DoD Contractor, Totem has spent the last decade understanding and implementing these requirements.  Now we want to help other small businesses become NIST 800-171 or CMMC compliant.

Our NIST 800-171/CMMC online workshop as well as our cybersecurity assessment and compliance tools will help guide your organization toward compliance.

NIST 800-171/CMMC Online Workshops

Our virtual classes are led by Totem’s team of seasoned cybersecurity experts, who themselves work for a small business prime DoD contractor.  These classes set the attendee off on the right foot to develop an Information Technology System Security Plan (SSP) commensurate with current DFARS 7012 requirements (NIST 800-171 controls) and future CMMC practice requirements.  Attendees will also learn how to comply with the incident response and reporting requirements for DoD contractors. 

NIST 800-171/CMMC Gap Assessments

The Totem Team conducts Security Gap Assessments on small business DoD contractors’ IT systems and your organization as a whole. We measure these assessment results against the NIST 800-171 or CMMC requirements and help develop custom policies that fit your organization’s needs.  We’ll also provide a compliant System Security Plan and a road map (Plan of Action and Milestones – POA&M) for the technical implementations that need to be completed.

NIST 800-171/CMMC Compliance Management Software

The Totem™ Cybersecurity Compliance Management Tool helps you stay organized with a full array of documentation, templates, and status reports to provide evidence of your organization’s cybersecurity compliance. Totem™ is set up to manage your compliance needs based upon the NIST 800-171 or CMMC requirements and creates policies and procedures tailored to your organization and required level of compliance.

Other Cybersecurity Compliance Consulting Services

If you’re required to implement the NIST 800-171 or CMMC security controls, Totem offers a full range of cybersecurity consulting services and solutions to help you achieve DFARS compliance. Contact us to discuss options to achieve your cybersecurity compliance goals.
