Maintain government contract award eligibility by demonstrating compliance with NIST SP 800-171 for Department of Defense (DoD) Federal Acquisition Regulations Supplement (DFARS) requirements. Federal government mandates and NIST SP 800-171 compliance can be time-consuming and confusing for your internal staff. Coalfire’s NIST-based compliance service takes the burden off you so you can continue doing business as usual.
Coalfire’s experience with NIST SP 800-171 and other NIST-based assessments can be applied to your organization in the following ways:
One- to two-day onsite presentation and discussion on NIST 800-171 requirements, the compliance process, and current technical capabilities.
Coalfire’s advisory team will conduct a compliance analysis of current information systems against NIST SP 800-171. Findings include current compliance posture, identification and verification of organization security boundaries, system policies and procedures status, and roadmap for DFARS/NIST SP 800-171 compliance.
Coalfire’s advisory team will assist in the design and documentation development of the system security plan (SSP) and several closely associated supporting documents that are required to achieve DFARS compliance. Coalfire will also provide DFARS reference architecture recommendations and engineering roadmap considerations.
Coalfire can develop and test against a DFARS security assessment plan (SAP) that includes NIST SP 800-171 controls. The assessment report will indicate the compliance posture with DFARS.
For companies leveraging a security and monitoring analytics tool (e.g., Splunk), Coalfire can provide engineering services to implement and help automate controls for NIST SP 800-171 compliance for a single pane view of your compliance status in real time.
Identify gaps and streamline your NIST 800-171 compliance efforts by working with experienced assessors who have an in-depth understanding of your industry and technology.
Coalfire will provide clarity for the NIST 800-171 compliance requirements and guidance on how to mitigate deficiencies.
Coalfire has 16 years of experience in NIST-based compliance that is relied on by leading agencies such as HHS, CMS, NIH, DHS, DOT, and many more. Coalfire’s expertise is directly drawn from working with several thousand NIST-based gap assessments, advisory, and assessment projects across multiple industries. With this depth of experience and knowledge, Coalfire can help you understand your security posture and how it compares to your industry peers.
Coalfire’s firm stance on technology and vendor independence allows for thorough, in-depth, and unbiased recommendations from an experienced third party. Our services will provide an objective and knowledgeable view of how the requirements affect your organization.
Coalfire will rely on our understanding of NIST assessments and other published guidance (agency supplied) to evaluate the required controls against the existing implementations presented by client stakeholders. Our approach covers the subset of NIST 800-171 controls to include:
The outcome will provide you with a thorough understanding of compliance with NIST 800-171, as well as a clear articulation of any gaps, which will need to be addressed following completion of the engagement for your organization to be in full compliance with NIST 800-171.
While NIST 800-171 is a relatively new compliance requirement, Coalfire has conducted 800-171 engagements for both large enterprise service providers and original equipment manufacturers, as well as small/mid-size businesses working with the United States federal government.