NIST SP 800-171 is a cybersecurity framework of 110 controls in 14 families published by the National Institute of Standards and Technology (NIST). This learning path will teach you how to comply with the requirements of NIST 800-171. You will understand what CUI is and how to identify it; what a nonfederal information systems is; how to understand each of the 110 requirements in the framework and satisfy each of them if necessary; how to create a Body of Evidence (BOE) including Organizational Policy or Procedures; a System Security Plan (SSP) and Plans of Action and Milestones (POAM). Upon completion of this course, you will have the knowledge and skills to implement the controls required by the NIST 800-171 framework and build your BOE.
Overview
Syllabus
- Review the DFARS Requirement that led to NIST 800-171
- Understanding the NIST 800-171 Controls
- Understand and Create Policies and Plans
- Create and SSP for Implemented Controls
- Create a POAM for Unimplemented Controls
- Review how NIST 800-171 compliance prepares an org for CMMC Levels 1-3
- Putting it all together
Taught by
Dave Hatter