Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects Protecting CUI

Protecting Controlled Unclassified Information CUI

SP 800-171A

NIST SP 800-171A LogoAccessing Security Requirements for Controlled Unclassified Information

Purpose

Assessment procedures and a methodology that can be employed to conduct assessments of the CUI security requirements in NIST SP 800-171.

Scope

A system security plan describes how the SP 800-171 security requirements are met. The plan describes the system boundary; the environment in which the system operates; how the requirements are implemented; and the relationships with or connections to other systems. The scope of the assessments conducted using the procedures described in SP 800-171A are guided and informed by the system security plans for the organizational systems processing, storing, or transmitting CUI. The assessments focus on the implementation and effectiveness of the safeguards in place to meet the SP 800-171 security requirements.

Download the SP 800-171A Assessment Procedures in different formats

Learn more about the development of SP 800-171A

 

 

Contacts

Ron Ross
ron.ross@nist.gov

Victoria Yan Pillitteri
victoria.yan@nist.gov

Topics

Security and Privacy: risk management

Created June 13, 2019, Updated March 13, 2024