Protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations is critical to federal agencies. The suite of guidance (NIST Special Publication (SP) 800-171, SP 800-171A, SP 800-172, and SP 800-172A) focuses on protecting the confidentiality of CUI and recommends specific security requirements to achieve that objective.
February 21, 2024: NIST issues summary and analysis of comments received in response to SP 800-171 Revision 3 (final public draft) and SP 800-171A Revision 3 (initial public draft).
Comments Received on SP 800-171 Revision 3 (Final Public Draft) and SP 800-171A Revision 3 (ipd)
Below are comments received on SP 800-171 Revision 3 (FPD), Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and SP 800-171A Revision 3 (IPD), Assessing Security Requirements for Controlled Unclassified Information. The public comment period on both publications closed on January 26, 2024.
All comments submitted during the public comment period will be posted below with contact information has been redacted. All technical content will be posted as submitted, so commenters should not include information they do not wish to be posted (e.g., personal or business information).
Date Received | Submitted By |
---|---|
9 November 2023 | Planet Works |
11 November 2023 | George Mason University |
12 November 2023 | DEFCERT |
13 November 2023 | Bond University |
16 November 2023 | DEFCERT |
22 November 2023 | Sound Way Consulting Inc. |
3 December 2023 | Compliance Forge |
8 December 2023 | Anonymous |
14 December 2023 | Neil Lobron |
22 December 2023 | Eva Aviation |
4 January 2024 | Totem Tech |
11 January 2024 | Walsh Group |
16 January 2024 | Hiromitsu Tomozawa |
16 January 2024 | Jake Williams |
17 January 2024 | Tularosa Communications |
22 January 2024 | FIDO Alliance |
22 January 2024 | Arnold Magnetic Technologies |
23 January 2024 | Archstone Security |
24 January 2024 | Missile Defense Agency |
24 January 2024 | Parsons |
25 January 2024 | RTX |
25 January 2024 | Tevora |
26 January 2024 | EDUCAUSE |
26 January 2024 | Defense Cybersecurity Group |
26 January 2024 | DoD CIO CS |
26 January 2024 | |
26 January 2024 | Anonymous |
26 January 2024 | NDISAC |
26 January 2024 | NDIA |
26 January 2024 | PSCouncil |
26 January 2024 | SAIC |
26 January 2024 | NeoSystems Corp.. |
26 January 2024 | Aerospace Industries Association |
26 January 2024 | Simventions Inc. |
26 January 2024 | Manufacturing Extension Partnership Center | The University of Utah |
26 January 2024 | Wanda L |
26 January 2024 | FFRDC UARC Security Council CUI Working Group |
26 January 2024 | Jacob Horne |
26 January 2024 | MSPs for the Protection of Critical Infrastructure |
26 January 2024 | Amazon Web Services |
29 January 2024 | GRC Academy |
August 16, 2023: NIST issues summary and analysis of comments received in response to SP 800-171 Revision 3 initial public draft.
Comments Received on Draft SP 800-171 Revision 3 (Initial Public Draft)
Below are comments received on Draft Special Publication 800-171 Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The public comment period closed on July 14, 2023.
All comments submitted during the public comment period for Draft NIST SP 800-171 Revision 3 will be posted below, contact information has been redacted, but all technical content will be posted as submitted so commenters should not include information they do not wish to be posted (e.g., personal or business information).
Security and Privacy: risk management