
NIST 800-171 Compliance

DLGC provides a simplified approach to NIST 800-171, ensuring DFARS and FARS compliance for federal contracts. Through an initial survey to establish scope and two phases to assess compliance, DLGC assists clients with meeting 800-171 requirements.

The first phase facilitates client review of 110 controls cross-referenced to NIST 800-53.

The second phase verifies that existing controls meet NIST 800-53 guidance and documents findings using a standard Plan of Actions and Milestones (POAM), allowing clients to address shortcomings.

Assessment Process:

  • Establish scope
  • Phase 1 – Detailed Interview – NIST 800-171 requirements
  • Phase 2 – Interview verification / audit

Compliance Process:

  • Document findings
  • Document roadmap for compliance
  • Combine findings and roadmap into a Plan of Actions and Milestones (POAM)
  • Coordinate with federal contracting officer for roadmap and POAM approval

Mitigation Process / Corrective Action Plan (CAP):

  • Address “low-hanging fruit”, i.e., findings with simple/quick solutions
  • Schedule resources to address project-level actions, e.g., create a system security plan (SSP), conduct a vulnerability assessment, etc.