U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Projects Protecting CUI

Protecting Controlled Unclassified Information (CUI) CUI

SP 800-171A

NIST SP 800-171A LogoAccessing Security Requirements for Controlled Unclassified Information

Purpose

Assessment procedures and a methodology that can be employed to conduct assessments of the CUI security requirements in NIST SP 800-171.

Scope

A system security plan describes how the SP 800-171 security requirements are met. The plan describes the system boundary; the environment in which the system operates; how the requirements are implemented; and the relationships with or connections to other systems. The scope of the assessments conducted using the procedures described in SP 800-171A are guided and informed by the system security plans for the organizational systems processing, storing, or transmitting CUI. The assessments focus on the implementation and effectiveness of the safeguards in place to meet the SP 800-171 security requirements.

Download the SP 800-171A Assessment Procedures in different formats

Learn more about the development of SP 800-171A

 

 

Contacts

Ron Ross
ron.ross@nist.gov

Victoria Yan Pillitteri
victoria.yan@nist.gov

Topics

Security and Privacy: risk management

Created June 13, 2019, Updated July 27, 2022