NIST SP 800-171

NIST SP 800-171 Assessment

Safeguard and securely distribute assets categorized as Controlled Unclassified Information (CUI) under the NIST SP 800-171 framework

Protect CUI Both At-Rest & In-Transit

Initially published in June 2015, NIST SP 800-171 is a set of standards that define how to safeguard and distribute material deemed sensitive but not classified, otherwise referred to as Controlled Unclassified Information (CUI).

Both the CUI designation and the NIST SP 800-171 framework are intended to standardize and replace previously designations and frameworks. NIST SP 800-171 consists of 14 security requirement families and further specifies a group of 114 controls that are deemed Basic and Derived.

Our expert assessors partner with your team to ensure your systems are sufficient to protect the confidentiality of CUI both at rest and in transit. Receive trusted advisory support throughout the process, as well as guidance on how to address any weaknesses in your processes and systems.

Key Benefits

NIST SP 800-171

Protect the confidentiality of CUI

Protect CUI at rest & in transit

Ensure compliance of your information systems

Take control of cyber risk

Our Services Help You Stay
Secure & Compliant
Year-Round While Reducing Your Costs AND Level of Effort

NIST SP 800-171

The 14 Security Requirement Families

Access Control

Awareness and Training

Audit and Accountability

Configuration Management

Identification and Authentication

Incident Response


Media Protection

Physical Protection

Personnel Security

Risk Assessment

Security Assessment

System and Communications Protection

System and Information Integrity

What is the Purpose of NIST SP 800-171?

NIST SP 800-171 provides federal agencies with regulations for protecting the confidentiality of CUI when:

CUI resides in nonfederal information systems/organizations.

CUI resides in information systems not operated by contractors of federal agencies or organizations on behalf of federal agencies.

There are no specific regulations for the protection and maintenance of CUI confidentiality prescribed by the authorizing law, regulation, or government-wide policy for the CUI category or subcategory listed in the CUI Registry.

Why Choose MegaplanIT

As Your Compliance Assessor?

Trusted Partners

We work with our customers year after year. We understand their business and go beyond the contract to help them stay secure and compliant.

We Hire the Best

All our consultants are fully certified and highly experienced.

We Cover All Your Needs

No need to look elsewhere We pride ourselves on our holistic services, which meet all our customers’ security and compliance needs.

We’re Flexible

We adapt our approach to your organization’s specific security needs.



At MegaplanIT, we understand the demands of your business. You need your data to be accessible to your organization, yet impenetrable from the outside. You also have to comply with increasingly stringent information security regulations, which are vital not only to your security but to your success. On top of that, you’re still, well—running a business.

Our innovative IT security and compliance solutions are designed to deliver customized, cost-effective service on time. With a highly qualified team of PCI-DSS QSAs, Penetration Testers, and Information Security Consultants here at MegaplanIT, we will assess your unique company and business environment and design a path to security that will fit all of your needs.