Compliance
NIST 800-171 Compliance Checklist
ⓘ Scope: NIST SP 800-171 applies to non-federal systems that process, store, or transmit Controlled Unclassified Information (CUI). This checklist is a working guide — it does not constitute a formal assessment or legal compliance opinion.
Full checklist coming soon
We're building a practical, actionable checklist covering all 14 control families and 110 requirements. Need a compliance assessment now? Contact us — we conduct NIST 800-171 gap analyses for government contractors.
// The 14 control families this checklist will cover
3.1
Access Control
22 requirements
3.2
Awareness & Training
3 requirements
3.3
Audit & Accountability
9 requirements
3.4
Configuration Management
9 requirements
3.5
Identification & Authentication
11 requirements
3.6
Incident Response
3 requirements
3.7
Maintenance
6 requirements
3.8
Media Protection
9 requirements
3.9
Personnel Security
2 requirements
3.10
Physical Protection
6 requirements
3.11
Risk Assessment
3 requirements
3.12
Security Assessment
4 requirements
3.13
System & Comm. Protection
16 requirements
3.14
System & Info. Integrity
7 requirements