U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

SP 800-172A

Assessing Enhanced Security Requirements for Controlled Unclassified Information

Date Published: March 2022

Planning Note (4/13/2022): The assessment procedures in SP 800-172A are available in multiple data formats. The PDF of SP 800-172A is the authoritative source of the assessment procedures. If there are any discrepancies noted in the content between the CSV, XLSX, and the SP 800-172A PDF, please contact sec-cert@nist.gov and refer to the PDF as the normative source.


Ron Ross (NIST), Victoria Pillitteri (NIST), Kelley Dempsey (NIST)



assessment; assessment method; assessment object; assessment procedure; assurance; enhanced security requirement; enhanced security requirement assessment; Controlled Unclassified Information; coverage; CUI Registry; depth; Executive Order 13556; FISMA; NIST Special Publication 800-53; NIST Special Publication 800-53A; NIST Special Publication 800-171; NIST Special Publication 800-172; NIST Special Publication 800-172A; nonfederal organization; nonfederal system; security assessment; security control
Control Families

None selected


SP 800-172A (DOI)
Local Download

Supplemental Material:
Assessment Procedures Spreadsheet (xls)
Assessment Procedures CSV (other)
README for CSV (txt)

Other Parts of this Publication:
SP 800-172

Document History:
04/27/21: SP 800-172A (Draft)
03/15/22: SP 800-172A (Final)