NIST 800-171

On December 30, 2015, the U.S. Department of Defense (DOD) published a three-page interim rule to the Defense Acquisition Federal Regulation Supplement (DAFRS) that gives government contractors a deadline of December 31, 2017 to implement the requirements of the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-171r1.


The Gap Assessment will focus on the specific requirements of the NIST SP800-171 Security Requirements.  Our internal framework and methodology for evaluating general information security practices will also guide our efforts.  GoldSky Assessors will review and evaluate the Organization’s compliance with the NIST SP800-171 Security Requirements.  This will include:

  • Interviews with key personnel in core functional areas and information technology;
  • Review of documentation to support NIST SP800-171 compliance;
  • Testing of identified NIST SP800-171 controls;
  • Identification of gaps in the Organization’s compliance with the NIST SP800-171 Security Policy.

The Security Requirements defined in NIST SP800-171 will be used as the basis for assessing technical and procedural controls and encompasses the following areas:

NIST SP800-171 Security Requirements
Requirement 1 Access Control
Requirement 2 Awareness and Training
Requirement 3 Auditing and Accountability
Requirement 4 Configuration Management
Requirement 5 Identification and Authentication
Requirement 6 Incident Response
Requirement 7 Maintenance
Requirement 8 Media Protection
Requirement 9 Personal Security
Requirement 10 Physical Protection
Requirement 11 Risk Assessment
Requirement 12 Security Assessment
Requirement 13 System and Communication Protection
Requirement 14 System and Information Security

GoldSky Security offices in Orlando, Denver or Chicago can help support your NIST 800-171 compliance requirement.

How can GoldSky Security help you?

Contact us at the GoldSky office nearest to you or submit a business inquiry below.

GoldSky Newsletter

“GoldSky Security has performed work with our company in the recent past. The GoldSky Security Team performed their duties as promised and in a high-quality manner, and we were very satisfied with the services they provided. We recommend considering GoldSky as your cybersecurity partner of choice. “

Nathaniel Thomas
CTO, sonobi

Contact GoldSky today to become NIST SP800-171 Compliant?