U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-171

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations

Date Published: June 2015

Author(s)

Ron Ross (NIST), Kelley Dempsey (NIST), Patrick Viscuso (NARA), Mark Riddle (NARA), Gary Guissanie (IDA)

Abstract

Keywords

Controlled Unclassified Information; CUI Registry; Executive Order 13556; FIPS Publication 199; FIPS Publication 200; FISMA; NIST SP 800-53; Nonfederal Information Systems; Security Control; Security Requirement; Derived Security Requirement; Contractor Information Systems; Security Assessment
Control Families

Access Control; Awareness and Training; Audit and Accountability; Configuration Management; Identification and Authentication; Maintenance; Media Protection; Physical and Environmental Protection; Personnel Security; System and Communications Protection; System and Information Integrity

Documentation

Publication:
Final Draft SP 800-171 (Apr. 2015) (pdf)

Supplemental Material:
SP 800-171 (6/18/2015) (pdf)
Initial Draft SP 800-171 (Nov. 2014) (pdf)

Document History:
06/18/15: SP 800-171 (Final)