Date Published: February 2020
Supersedes:
SP 800-171 Rev. 1 (06/07/2018)
Planning Note (2/21/2020):
Documentation > Supplemental Material > CUI SSP template: ** There is no prescribed format or specified level of detail for system security plans. However, organizations ensure that the required information in [SP 800-171 Requirement] 3.12.4 is conveyed in those plans.
, , , ,
Access Control; Audit and Accountability; Awareness and Training; Configuration Management; Identification and Authentication; Maintenance; Media Protection; Personnel Security; Physical and Environmental Protection; System and Communications Protection; System and Information Integrity
Publication:
SP 800-171 Rev. 2 (DOI)
Local Download
Supplemental Material:
CUI Plan of Action template (word)
CUI SSP template **[see Planning Note] (word)
Mapping: Cybersecurity Framework v.1.0 to SP 800-171 Rev. 2 (xls)
Other Parts of this Publication:
SP 800-171A
SP 800-171B (Draft)
Document History:
06/19/19: SP 800-171 Rev. 2 (Draft)
02/21/20: SP 800-171 Rev. 2 (Final)
Security and Privacy
audit & accountability; awareness training & education; maintenance; security controls; threats
Laws and Regulations
Federal Acquisition Regulation; Federal Information Security Modernization Act