- Access Control
- Awareness and Training
- Audit and Accountability
- Configuration Management
- Identification and Authentication
- Incident Response
- Media Protection
- Personnel Security
- Physical Protection
- Risk Assessment
- Security Assessment
- System and Communications Protection
- System and Information Integrity
DFARS Changes Require Immediate Action
Department of Defense contractors are subject to requirements put forth in the Defense Federal Acquisition Regulation Supplement (DFARS). Updated in December, 2015, DFARS 225.204-7012 requires contractors to implement NIST Special Publication 800-171 standards as soon as possible, but no later than December, 2017, to protect covered defense information / controlled unclassified information. The new requirements specify that contractors must notify the Office of the DoD CIO within 30 days of an award of any SP800-171 requirements not being met by the contractor organization. SP800-171 is a derivative of SP800-53.
What are the requirements of Special Publication 800-171?
Special Publication 800-171 includes 109 controls split among 14 control families. These control families cover all critical aspects of information security:
Our staff are experts at assessing organizational compliance against the NIST frameworks, including SP800-171. We help DoD contractors document their existing environments, outline compliance gaps, and help build remediation plans. We have proprietary templates and toolkits designed specifically for DFARS compliance.
- Does your company have a Disaster Recovery plan in place? #disasterrecovery #securityawareness… http://t.co/OdcwMkKwWJ 2 days ago
- Our senior manager Nick DeLena presented at a panel hosted by Davis, Malm & D’Agostine, P.C.! Check back for more info later this week! 1 week ago
- Happy Valentine's Day from OCD Tech! #happyvalentinesday http://t.co/HCmYfTUceN 1 week ago
- Cybersecurity is not just an IT problem. Our @ndelena was featured in the latest MSADA pub. http://t.co/eoVrtRZqBq 2 weeks ago