NIST 800-171 is published by the National Institute of Standards and Technology. It sets the guidelines for the protection of Controlled Unclassified Information (CUI) that exists in nonfederal information systems and organizations. Protecting this information is important for the federal government since it has the potential to impact the ability for federal agencies to successfully carry out their missions and business operations. NIST 800-171 provides requirements for protecting the confidentiality of CUI in several instances. This includes when the CUI exists in nonfederal information systems and organizations, when the information systems where the CUI resides are not used or operated by contractors of federal agencies or a third-party on behalf of those contractors. It also applies when there are no specific requirements for protecting the confidentiality of CUI prescribed by the authorizing law, regulation, or governmentwide policy.
To learn more about NIST 171 guidelines, view our datasheet here. Read our case study about a Defense Contractor meeting DFARS Compliance NIST 800-171.