We Just Finished Reviewing the NIST 800-171 Revision A.
Bottom Line Up-Front: The revision changes a few things, but the general gist remains the same; protecting CUI is NOT an option, it’s the law. Guidance is given on how to perform an assessment (crash course), but folks will still require all in-depth technical knowledge to be able to definitively give the answer to every question and collect the evidence.
The experts have put in the time to know this, let us ensure you are safe, compliant, and now LEGAL.
Our Key Takeaways:
- DIY assessment is a great start, but not the way to attest. Reference the 7 missile contractors from the DoDOIG article who self-assessed and all failed.
- The time burden for an organization to accomplish this on their own is huge: 80 + hours.
- More plain language, a glossary, and acronym listing means small mom and pops COULD read this and then realize they will never be able to comply
If you’re struggling with the NIST 800-171 requirements, we can help. Click here to learn more about cuick trac™.