DFARS requires defense contractors to comply with NIST SP 800-171 to protect the confidentiality of Controlled Unclassified Information (CUI) in non-federal systems and organizations.
SME has resources to assist your organization:
- Defining CUI
- Properly scoping your infrastructure
- Documenting compliance
Key areas of concern:
- Access Control
- Awareness and Training
- Audit and Accountability
- Configuration Management
- Identification and Authentication
- Incident Response
- Maintenance
- Media Protection
- Personnel Security
- Physical Protection
- Risk Assessment
- Security Assessment
- System and Communications Protection
- System and Information Integrity