U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

SP 800-171 Rev. 1

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations

Date Published: December 2016

Supersedes: SP 800-171 (01/21/2016)

Author(s)

Ron Ross (NIST), Patrick Viscuso (NARA), Gary Guissanie (IDA), Kelley Dempsey (NIST), Mark Riddle (NARA)

Abstract

Keywords

Contractor Information Systems; Controlled Unclassified Information; CUI Registry; Executive Order 13556; FIPS Publication 199; FIPS Publication 200; FISMA; NIST Special Publication 800-53; Nonfederal Information Systems; Security Control; Security Requirement; Derived Security Requirement; Security Assessment
Control Families

Access Control; Audit and Accountability; Awareness and Training; Configuration Management; Identification and Authentication; Maintenance; Media Protection; Personnel Security; Physical and Environmental Protection; System and Communications Protection; System and Information Integrity

Documentation

Publication:
SP 800-171 Rev. 1 (12/20/2016)

Supplemental Material:
Specific Changes to the Security Requirements in SP 800-171 (pdf)

Related NIST Publications:
SP 800-171A (Draft)

Document History:
12/20/16: SP 800-171 Rev. 1