Skip to content
Home / Function (NIST CSF 2.0) / PR - Protect / DS - Data Security

NIST SP 800-171 Rev. 3 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

NIST SP 800-171 is a set of cybersecurity standards developed by the National Institute of Standards and Technology (NIST) to protect Controlled Unclassified Information (CUI) in nonfederal systems and organizations. It outlines 97 security requirements across 17 control families, covering areas such as access control, system configuration, and incident response, aimed at safeguarding sensitive government information stored or processed by contractors and other entities working with the US government. Compliance is mandatory for organizations handling CUI, requiring them to implement appropriate security controls, conduct self-assessments, and maintain documentation like a System Security Plan to demonstrate adherence. The goal is to ensure a consistent baseline of cybersecurity across the federal supply chain and prevent data breaches that could impact national security or economic interests.


Publication's URL

https://csrc.nist.gov/pubs/sp/800/171/r3/final

Additional documents on this topic



How would you rate this document ?

Click on a star to rate it!

What do you think of this document?

Your email address will not be published. Required fields are marked *