NIST SP 800-171 Revision 2 Security Requirements

The following documents and videos are meant to help organizations and their staff understand the Security Requirements in NIST SP 800-171 as they approach fulfilling their compliance requirements.

3.1 Access Control [AC]

3.1.22, Publicly Accessible Content: The most mis-understood requirement

3.2 Awareness and Training [AT]

3.3 Audit and Accountability [AU]

3.4 Configuration Management [CM]

3.5 Identification and Authentication [IA]

3.5.6, Identifying Inactive Requirements via Azure Sentinel

3.6 Incident Response [IR]

3.7 Maintenance [MA]

3.8 Media Protection [MP]

3.9 Personnel Security [PS]

3.10 Physical Protection [PE]

3.10.6 Alternate Work Sites
3.10.6, Enforce safeguarding measures for CUI at alternate work sites.

3.11 Risk Assessment [RA]

3.12 Security Assessment [CA]

3.13 Systems and Communications Protection [SC]

3.14 System and Information Integrity [SI]

Key CMMC Organizations

Key Regulations

Key References

Key Acquisition References

Other Key Sites

An Authorized CMMC 3rd Party Assessment Organization (C3PAO)

Be as Smart as a Fox

We share our knowledge and experiences so everyone can benefit

NIST SP 800-171 Revision 2 Security Requirements

3.1 Access Control [AC]

3.2 Awareness and Training [AT]

3.3 Audit and Accountability [AU]

3.4 Configuration Management [CM]

3.5 Identification and Authentication [IA]

3.6 Incident Response [IR]

3.7 Maintenance [MA]

3.8 Media Protection [MP]

3.9 Personnel Security [PS]

3.10 Physical Protection [PE]

3.11 Risk Assessment [RA]

3.12 Security Assessment [CA]

3.13 Systems and Communications Protection [SC]

3.14 System and Information Integrity [SI]

Key CMMC Organizations

Key Regulations

Key References

Key Acquisition References

Other Key Sites

An Authorized CMMC 3rd Party Assessment Organization (C3PAO)

Recent Posts

Social Contact