As a contractor or sub-contractor to government agencies and organizations, due to Executive Order 13556 and The Code of Federal Regulations (CFR) 52.204-21 you must now provide documentation and evidence as to how you are protecting Controlled Unclassified Information (CUI) in order to show FAR/DFARS compliance.
This proof comes in the form of a security assessment based on National Institute of Standards Technology (NIST) Special Publication 800-171, Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations.
Companies that hold contracts with the federal government or that supply materials, products or goods for a federal contract must be assessed and then implement security measures in order to do business with governmental agencies and organizations either directly or indirectly.
This means you cannot be put on new contracts and could be released from current contracts if you are not compliant.
If you have received a Corrective Action Report (CAR) from a government agency or prime contractor, you will be required to provide a Plan of Action and Milestones (PoAM) stating the actions you will take to become compliant.
Sword & Shield Enterprise Security’s NIST 800-171 Assessment Service takes the burden off you so you can continue to do your business. We assess your NIST 800-171 compliance status and provide a detailed remediation roadmap to help get you where you need to be.
Sword & Shield is immersed in various compliance frameworks (NIST, HIPAA, PCI, SANS, CSC 20, ISO, etc.) on a daily basis. Our expertise makes us uniquely qualified to understand and relate these requirements to your business in order to identify gaps and recommend how to fill them.
Our NIST 800-171 Assessment Service provides the following value to you:
Sword & Shield performs the following tasks in order to evaluate your NIST 800-171 compliance readiness:
Request a Free Consultation for our NIST 800-171 Assessment Service