NIST 800-171 Compliance

Fortify Your Defenses

What is NIST 800-171 Compliance?

The National Institute of Standards and Technology (NIST) has implemented new guidelines regarding the protection of Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations.

The purpose of these guidelines is to enforce security of all systems that process, store, or transmit CUI.

As of December 2015, Defense Federal Acquisition Regulation Supplement (DFARS) clause 225.204-7012 requires contractors to adhere to NIST Special Publication 800-171 guidelines.


Who is affected?

Contractors who do business with any federal or state agencies, such as the Department of Defense (DoD), NASA, or organizations who sell on the (GSA), are required to comply with NIST 800-171 standards.

Not sure if your company needs NIST 800-171 Compliance?

How can Roman Data Defense help?

Roman Data Defense provides a NIST 800-171 Compliance Assessment that includes 15-point criteria.

A third-party consultation from Roman Data Defense ensures that all guidelines are understood, with a thorough, efficient action plan for adopting correct policies.

Our assessment is based on the following 15-point criteria:

Access Control

Audit and Accountability

Training and Awareness

Incident Response

Identification and Authentication

Configuration Management


Transferable Devices

Physical Location

Staff and Personnel

Risk Assessment

Security Assessment

Edge Related Protection

Integrity of System

On-Going Maintenance

Michigan: A Superior Source of Defense

According to the Detroit Chamber, “In 2015, the Detroit region was home to 3,307 businesses serving the defense industry. Together, they employ over 94,000 individuals, with annual average wages of over $91,257.”

Top counties with defense contracts in 2014 were: 






Already Qualified?