Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-171A

Assessing Security Requirements for Controlled Unclassified Information

Date Published: June 2018

Planning Note (6/13/2018):

Documentation > Supplemental Material > CUI SSP template:

** There is no prescribed format or specified level of detail for system security plans. However, organizations ensure that the required information in [SP 800-171 Requirement] 3.12.4 is conveyed in those plans.


Author(s)

Ron Ross (NIST), Kelley Dempsey (NIST), Victoria Pillitteri (NIST)

Abstract

Keywords

assessment; assessment method; assessment object; assessment procedure; assurance; basic security requirement; Controlled Unclassified Information; coverage; CUI Registry; depth; derived security requirement; Executive Order 13556; FISMA; NIST Special Publication 800-53; NIST Special Publication 800-53A; nonfederal organization; nonfederal system; security assessment; security control
Control Families

None selected

Documentation

Publication:
SP 800-171A (DOI)
Local Download

Supplemental Material:
CUI SSP template **[see Planning Note] (word)
CUI Plan of Action template (word)

Other Parts of this Publication:
SP 800-171 Rev. 1

Related NIST Publications:
ITL Bulletin
SP 800-53 Rev. 4
SP 800-53A Rev. 4

Document History:
Draft SP 800-171A (2/20/18)
SP 800-171A (6/13/18)