Compliance Services

PCI Services

PCI-DSS
PCI-DSS
PA-DSS & SSF
PA-DSS & SSF
3DS
3DS
PCI-DSS SAQ Advisory
PCI-DSS SAQ Advisory
PCI-DSS Gap Analysis
PCI-DSS Gap Analysis
Point To Point Encryption
Point To Point Encryption

NIST Assessments

NIST SP 800-53
NIST SP 800-53
NIST SP 800-171
NIST SP 800-171
NIST Cybersecurity Framework
NIST Cybersecurity Framework

Additional Services

CMMC
CMMC
ISO 27001/27002
ISO 27001/27002
HIPAA Risk Assessment
HIPAA Risk Assessment
End-To-End Encryption
End-To-End Encryption
GDPR
GDPR
Standardized Control
Standardized Control
SSAE 18 SOC Reports
SSAE 18 SOC Reports
NERC CIP
NERC CIP
CMR17
CMR17
Gramm-Leach Bliley Act
Gramm-Leach Bliley Act
CCPA
CCPA

Compliance Services

NIST SP 800-171 Assessment

Safeguard and securely distribute assets categorized as Controlled Unclassified Information (CUI) under the NIST SP 800-171 framework

Get A Free Consultation
Let's Get Started
Home
NIST SP 800-171
Overview
Key Benefits
How It Works
Request A Free Consultation

Service Overview

NIST SP 800-171 Assessment

Initially published in June 2015, NIST Special Publication 800-171 is a set of standards that define how to safeguard and distribute material deemed sensitive but not classified, otherwise referred to as Controlled Unclassified Information (CUI).

Both the CUI designation and the NIST SP 800-171 framework are intended to standardize and replace previous designations and frameworks. For companies doing business with the Federal Government, adherence to this standard is mandatory if any data will be transmitted to, stored on, or processed by your information systems.

Our Approach

Our expert assessors partner with your team to ensure your systems are sufficient to protect the confidentiality of CUI both at rest and in transit. Receive trusted advisory support throughout the process, as well as guidance on how to address any weaknesses in your processes and systems.

Key Benefits

NIST SP 800-171

Protect the confidentiality of CUI

Protect CUI at rest & in transit

Ensure compliance of your information systems

Take control of cyber risk

What is the Purpose of NIST SP 800-171?

NIST SP 800-171 provides federal agencies with regulations for protecting the confidentiality of CUI when:

CUI resides in nonfederal information systems/organizations.

CUI resides in information systems not operated by contractors of federal agencies or organizations on behalf of federal agencies.

There are no specific regulations for the protection and maintenance of CUI confidentiality prescribed by the authorizing law, regulation, or government-wide policy for the CUI category or subcategory listed in the CUI Registry.

NIST SP 800-171

The 14 Security Requirement Families:

Access Control

Audit and Accountability

Awareness and Training

Configuration Management

Identification and Authentication

Incident Response

Maintenance

Media Protection

Physical Protection

Personnel Security

Risk Assessment

Security Assessment

System and Information Integrity

System and Communications Protection

What Our Customers Say

For 2018 there was no question who we would engage to help us get through the process. They were excellent and the process was easier the second time around.
Travel Related Technology and Payment SolutionsCEO
For the past four years, we have partnered with MegaplanIT for our annual PCI-DSS Level 1 audit. In addition to that annual work, we have also found them to be a great source of advice and best-practice recommendations; their expertise has helped us conceptualize and plan the robust, secure systems that our customers count on each day. Their team is a pleasure to work with, and we highly recommend their people and services.
Payments and Software CompanyChief Technology Officer
Our Security Consultant was extremely well organized, knowledgeable , personable and responsive. Our IT Director was extremely satisfied. I shopped for year one and MegaplanIT was the most reasonable and all-encompassing and you felt they were in it for a long term relationship. Do not hesitate to hire MegaplanIT they are very approachable and responsive. I heartily recommend them
Travel Related Technology and Payment SolutionsCEO
From sales to the final report (and everything in between), working with MegaplanIT has been a pleasure. Their vast PCI knowledge, along with their fast response times far exceeded my expectations. They truly understand PCI, and how that applies to our virtual environment. They are a great partner, and always try to make themselves available when we need them. A truly professional and dedicated team!
Payment Technology Merchant AcquirerCEO
I feel like their people truly "dig in" and try to find any issues that need patching or remediation. They do it in a non-condemning way, and always look to help us get through the remediation in the safest, fastest and secure way possible.
Payment Processing & E-Commerce SolutionsPresident & CEO
We selected MegaplanIT two years ago to help with our initial PCI DSS certification. As anyone who embarks on this task it is not easy and you need expert guidance and help. MegaplanIT was a great partner to get us through it.
Travel Related Technology and Payment SolutionsCEO
Our experience with MegaPlanIT has been excellent.  They did such an excellent job in all phases of our PCI projects that they closed the door for our considering another PCI assessor in the foreseeable future.
Health & Fitness CompanyCEO
We’ve used Megaplan IT for PCI-DSS and HIPAA certification over the past 5 years. They’ve always been professional leaders of information security and of PCI and HIPAA practices. Our auditors never hesitate to take the time to educate on the “why behind the what” when needed, which is definitely a value-add to the services MegaplanIT performs for us.
Technology Payment Solutions / Financial ServicesChief Information Officer
Previous
Next
Our Security Consultant was extremely well organized, knowledgeable, personable and responsive. Our IT Director was extremely satisfied. I shopped for year one and MegaplanIT was the most reasonable and all-encompassing and you felt they were in it for a long term relationship. Do not hesitate to hire MegaplanIT they are very approachable and responsive. I heartily recommend them.
Travel Related Technology & Payment Solutions
CEO
For the past four years, we have partnered with MegaplanIT for our annual PCI-DSS Level 1 audit. In addition to that annual work, we have also found them to be a great source of advice and best-practice recommendations; their expertise has helped us conceptualize and plan the robust, secure systems that our customers count on each day. Their team is a pleasure to work with, and we highly recommend their people and services.
Payments and Software Company
Chief Technology Officer
From sales to the final report (and everything in between), working with MegaplanIT has been a pleasure. Their vast PCI knowledge, along with their fast response times far exceeded my expectations. They truly understand PCI, and how that applies to our virtual environment. They are a great partner, and always try to make themselves available when we need them. A truly professional and dedicated team!
Payment Technology Merchant Acquirer
CEO

When You Employ MegaplanIT

With a highly qualified team of PCI-DSS QSAs, Penetration Testers, and Information Security Consultants here at MegaplanIT, we'll assess your unique business environment and design a path to security that will fit all of your needs.
Meet The Team

Certifications & Qualifications

Our team of experts is actively committed to excellence, so they continually advance their skills by seeking out the most current training and certification in best practices across all industries.
View Certifications

MAKE OUR TEAM

YOUR TEAM

At MegaplanIT, we understand the demands of your business. You need your data to be accessible to your organization, yet impenetrable from the outside. You also have to comply with increasingly stringent information security regulations, which are vital not only to your security but to your success. On top of that, you’re still, well—running a business.

Our innovative IT security and compliance solutions are designed to deliver customized, cost-effective service on time—because your priorities are our priorities. With a highly qualified team of PCI-DSS QSAs, Penetration Testers, and Information Security Consultants here at MegaplanIT, we will assess your unique company and business environment and design a path to security that will fit all of your needs.

Request A Free Consultation