What Is NIST SP 800-171?

Solutions
- Main Menu
- Solutions
- Product Compliance
  - Solutions
  - Product Compliance
  - Product Compliance Solutions
    View our solutions for getting standardized, validated, and usable product compliance data from your supply chain.
    
    See All Solutions Start Product Tour
    REACH
    Supply chain transparency needed for compliance.
    
    PFAS Updated
    Identify PFAS in your supply chain and set yourself up for success.
    
    SCIP
    Meet submission obligations with a deep view of your supply chain.
    
    RoHS
    Deep-map your supply chain to streamline compliance.
    
    TSCA
    Grow better with Assent’s TSCA compliance solution.
    
    Proposition 65
    Uncover deep supply chain data to meet labeling requirements.
    
    Interactive Tool
    Product Compliance Product Tour
    Learn More
- ESG
  - Solutions
  - ESG
  - ESG Supply Chain Solutions
    See how we build your missing ESG foundation with our complete supply chain sustainability solution.
    
    See All Solutions Start Product Tour
    ESG Reporting
    Deliver on your reporting needs with Assent ESG
    
    UFLPA
    Uncover hidden forced labor risks in your supply chain.
    
    Conflict Minerals
    Deep transparency into mineral sourcing.
    
    Extended Minerals
    Complete cobalt and mica reporting solutions.
    
    SCDDA
    Meet your German Supply Chain Due Diligence Act (SCDDA) requirements with confidence.
    
    CSRD
    Confidently identify the entities and topics in your value chain that are most critical to compliance.
    
    Interactive Tool
    Supply Chain ESG Product Tour
    Learn More
- Trade Compliance
  - Solutions
  - Trade Compliance
  - Trade Compliance Solutions
    Learn about our trade compliance capabilities and how it uncovers hidden risks and opportunities.
    
    See All Solutions
    Canada-EU Trade Agreement
    Unlock supply chain transparency to mitigate trade risks.
    
    Custom Codes
    Manage customs codes for your products.
    
    International Trade Agreements
    Protect global market access & leverage trade agreements.
    
    USMCA
    Uncover hidden trade risks and opportunities.
    
    Export Classification
    Solutions for export classification code tracking.
    
    Country of Origin
    Country of origin tracking supply chain solutions.
    
    Interactive Tool
    Supply Chain Risk Assessment Tool
    Learn More
- By Industry
  - Solutions
  - By Industry
  - Explore our Industry Solutions
    Discover how our automated supply chain sustainability management solutions help complex manufacturers see deeper, be smarter, and grow better.
    
    See All Industries
    Medical Devices
    Solutions for medical devices manufacturing.
    
    Electronics
    Solutions for the electronics industry, across compliance and ESG.
    
    Industrial Equipment
    Sustainability solutions for industrial equipment.
    
    Automotive
    Supply chain sustainability for automotive.
    
    Aerospace & Defense
    Sustainability solutions for aerospace and defense.
    
    Interactive Tool
    Supply Chain Risk Assessment Tool
    Learn More
Platform & Capabilities
- Main Menu
- Platform & Capabilities
- Platform
  - Platform & Capabilities
  - Platform
  - Our Platform & Capabilities
    View details about our complete supply chain sustainability platform, including product compliance, ESG, and trade compliance.
    
    Explore Now Why Assent
    Our Platform
    Enhanced Supplier Screening
    Evaluate and report on hidden risks in your supply chain.
    
    Pricing New
    Get a custom quote and find the right solution at the right price.
    
    Data Information & Security
    Learn about our data security protocols, to keep your information safe.
    
    Reporting & Data
    Reporting and data capabilities you need to meet your requirements.
    
    Enterprise Integrations
    View our integrations with SAP, PTC Windchill, and other standard APIs.
    
    Interactive Tool
    Maturity Assessment
    Learn More
- Services
  - Platform & Capabilities
  - Services
  - Our Platform & Capabilities
    View details about our complete supply chain sustainability platform, including product compliance, ESG, and trade compliance.
    
    Explore Now Why Assent
    Our Managed & Professional Services
    Supplier Engagement
    Education, data collection, and technical support for suppliers.
    
    Advisory Services
    Deep regulatory knowledge you need to build sustainable growth.
    
    Program Management
    Managed services with dedicated support from world-class experts.
    
    Interactive Tool
    Maturity Assessment
    Learn More
- Expertise
  - Platform & Capabilities
  - Expertise
  - Our Regulatory Expertise
    Assent regulatory experts have over 200 years of combined expertise. Learn more about how they helped make us the leader in supply chain sustainability.
    
    Meet the Experts
    
    Interactive Tool
    Maturity Assessment
    Learn More
Resources
- Main Menu
- Resources
- Content Hub
  - Resources
  - Content Hub
  - Content Hub
    View our content hub, including Interactive Tools, Webinars, Whitepapers, Guides and eBooks.
    
    See All Resources Supply Chain Risk Assessment Tool
    Interactive Tools
    New Tools for understanding your requirements, risks, and our solutions.
    
    Whitepapers
    Explore complex supply chain sustainability topics.
    
    Guides
    Get up-to-date information on constantly evolving topics.
    
    Ebooks
    Keep on top of existing or emerging regulations and trends.
    
    Webinars
    Learn directly from experts on wide-ranging topics.
    
    Customer Stories
    Discover why so many top companies have chosen Assent.
    
    On-Demand, Webinar
    Unpacking the Recent Announcement on PFAS Requirements Under TSCA
    Register
- Knowledge Center
  - Resources
  - Knowledge Center
  - Knowledge Center
    Access the Assent Knowledge Center, the leading regulatory resource for supply chain management, from our team of experts.
    
    See All Articles See Regulatory Templates
    PFAS
    New Per- and polyfluoroalkyl substances (PFAS)
    
    CSRD
    New Streamline your reporting process to comply with the EU CSRD.
    
    Conflict Minerals
    Deep transparency into mineral sourcing.
    
    REACH
    Supply chain transparency needed for compliance.
    
    ESG
    Environmental, social, and governance (ESG) issues.
    
    RoHS
    Deep-map your supply chain to streamline compliance.
    
    SCDDA
    The German Supply Chain Due Diligence Act (SCDDA) .
    
    TSCA
    Grow better with our TSCA compliance solution.
    
    On-Demand, Webinar
    Unpacking the Recent Announcement on PFAS Requirements Under TSCA
    Register
- Blog
  - Resources
  - Blog
  - Blog
    Read Assent’s blog for regulatory updates, supply chain sustainability advice, best practices, and more.
    
    See All Blogs
    Supply Chain Sustainability
    Learn everything you need to know about supply chain sustainability.
    
    Product Compliance
    Get clear educational resources on key product compliance regulations.
    
    ESG
    Discover how ESG and your supply chain are connected.
    
    Trade Compliance
    Learn best practices for managing your trade requirements.
    
    Responsible Minerals
    Keep up with changing responsible minerals expectations.
    
    REACH
    Get an expert breakdown of the REACH Regulation.
    
    On-Demand, Webinar
    Unpacking the Recent Announcement on PFAS Requirements Under TSCA
    Register
- Events & Webinars
  - Resources
  - Events & Webinars
  - Live Events & Webinars
    Read about upcoming events and webinars hosted by our world-class team of regulatory experts.
    
    See Upcoming Events
    
    On-Demand, Webinar
    Unpacking the Recent Announcement on PFAS Requirements Under TSCA
    Register
- Training Courses
  - Resources
  - Training Courses
  - Assent University
    Access comprehensive educational resources to better understand your business and regulatory requirements, and how to build your programs to mitigate supply chain risk effectively.
    
    See Courses See Regulatory Templates
    
    On-Demand, Webinar
    Unpacking the Recent Announcement on PFAS Requirements Under TSCA
    Register
Company
- Main Menu
- Company
- About Us
  - Company
  - About Us
  - Our Story
    Learn how we became the leading supply chain sustainability management solution for the world’s most responsible complex manufacturers.
    
    Discover Assent Why Assent
    Sustainability at Assent
    Read about our ESG journey and access our corporate sustainability reports.
    
    Our Customers
    See the leading manufacturers working with us to achieve supply chain sustainability.
    
    Leadership Team
    Meet the team that helped Assent become the leader in supply chain sustainability.
    
    Guide
    Supply Chain Sustainability in 2023: Evaluating Program Maturity in Complex Manufacturing
    Learn More
- News & Information
  - Company
  - News & Information
  - Newsroom
    Read the latest news about Assent from around the world.
    
    Certifications & Recognition
    View our industry and technology certifications.
    
    Alliances & Partnerships
    Read more about the organizations and partners working with us to create supply chain sustainability.
    
    Contact Us
    Find out how to get in touch with us.
    
    Guide
    Supply Chain Sustainability in 2023: Evaluating Program Maturity in Complex Manufacturing
    Learn More
- Careers
  - Company
  - Careers
  - Careers
    Become an Assentee! Learn about our culture, purpose, and opportunities.
    
    Explore Careers Current Openings
    
    Guide
    Supply Chain Sustainability in 2023: Evaluating Program Maturity in Complex Manufacturing
    Learn More

Solutions
Solutions
Product Compliance

Product Compliance Solutions
View our solutions for getting standardized, validated, and usable product compliance data from your supply chain.

See All Solutions Start Product Tour
REACH
Supply chain transparency needed for compliance.

PFAS Updated
Identify PFAS in your supply chain and set yourself up for success.

SCIP
Meet submission obligations with a deep view of your supply chain.

RoHS
Deep-map your supply chain to streamline compliance.

TSCA
Grow better with Assent’s TSCA compliance solution.

Proposition 65
Uncover deep supply chain data to meet labeling requirements.

Interactive Tool
Product Compliance Product Tour
Learn More

ESG

ESG Supply Chain Solutions
See how we build your missing ESG foundation with our complete supply chain sustainability solution.

See All Solutions Start Product Tour
ESG Reporting
Deliver on your reporting needs with Assent ESG

UFLPA
Uncover hidden forced labor risks in your supply chain.

Conflict Minerals
Deep transparency into mineral sourcing.

Extended Minerals
Complete cobalt and mica reporting solutions.

SCDDA
Meet your German Supply Chain Due Diligence Act (SCDDA) requirements with confidence.

CSRD
Confidently identify the entities and topics in your value chain that are most critical to compliance.

Interactive Tool
Supply Chain ESG Product Tour
Learn More

Trade Compliance

Trade Compliance Solutions
Learn about our trade compliance capabilities and how it uncovers hidden risks and opportunities.

See All Solutions
Canada-EU Trade Agreement
Unlock supply chain transparency to mitigate trade risks.

Custom Codes
Manage customs codes for your products.

International Trade Agreements
Protect global market access & leverage trade agreements.

USMCA
Uncover hidden trade risks and opportunities.

Export Classification
Solutions for export classification code tracking.

Country of Origin
Country of origin tracking supply chain solutions.

Interactive Tool
Supply Chain Risk Assessment Tool
Learn More

By Industry

Explore our Industry Solutions
Discover how our automated supply chain sustainability management solutions help complex manufacturers see deeper, be smarter, and grow better.

See All Industries
Medical Devices
Solutions for medical devices manufacturing.

Electronics
Solutions for the electronics industry, across compliance and ESG.

Industrial Equipment
Sustainability solutions for industrial equipment.

Automotive
Supply chain sustainability for automotive.

Aerospace & Defense
Sustainability solutions for aerospace and defense.

Interactive Tool
Supply Chain Risk Assessment Tool
Learn More
Platform & Capabilities
Platform & Capabilities
Platform

Our Platform & Capabilities
View details about our complete supply chain sustainability platform, including product compliance, ESG, and trade compliance.

Explore Now Why Assent
Our Platform
Enhanced Supplier Screening
Evaluate and report on hidden risks in your supply chain.

Pricing New
Get a custom quote and find the right solution at the right price.

Data Information & Security
Learn about our data security protocols, to keep your information safe.

Reporting & Data
Reporting and data capabilities you need to meet your requirements.

Enterprise Integrations
View our integrations with SAP, PTC Windchill, and other standard APIs.

Interactive Tool
Maturity Assessment
Learn More

Services

Our Platform & Capabilities
View details about our complete supply chain sustainability platform, including product compliance, ESG, and trade compliance.

Explore Now Why Assent
Our Managed & Professional Services
Supplier Engagement
Education, data collection, and technical support for suppliers.

Advisory Services
Deep regulatory knowledge you need to build sustainable growth.

Program Management
Managed services with dedicated support from world-class experts.

Interactive Tool
Maturity Assessment
Learn More

Expertise

Our Regulatory Expertise
Assent regulatory experts have over 200 years of combined expertise. Learn more about how they helped make us the leader in supply chain sustainability.

Meet the Experts

Interactive Tool
Maturity Assessment
Learn More
Resources
Resources
Content Hub

Content Hub
View our content hub, including Interactive Tools, Webinars, Whitepapers, Guides and eBooks.

See All Resources Supply Chain Risk Assessment Tool
Interactive Tools
New Tools for understanding your requirements, risks, and our solutions.

Whitepapers
Explore complex supply chain sustainability topics.

Guides
Get up-to-date information on constantly evolving topics.

Ebooks
Keep on top of existing or emerging regulations and trends.

Webinars
Learn directly from experts on wide-ranging topics.

Customer Stories
Discover why so many top companies have chosen Assent.

On-Demand, Webinar
Unpacking the Recent Announcement on PFAS Requirements Under TSCA
Register

Knowledge Center

Knowledge Center
Access the Assent Knowledge Center, the leading regulatory resource for supply chain management, from our team of experts.

See All Articles See Regulatory Templates
PFAS
New Per- and polyfluoroalkyl substances (PFAS)

CSRD
New Streamline your reporting process to comply with the EU CSRD.

Conflict Minerals
Deep transparency into mineral sourcing.

REACH
Supply chain transparency needed for compliance.

ESG
Environmental, social, and governance (ESG) issues.

RoHS
Deep-map your supply chain to streamline compliance.

SCDDA
The German Supply Chain Due Diligence Act (SCDDA) .

TSCA
Grow better with our TSCA compliance solution.

On-Demand, Webinar
Unpacking the Recent Announcement on PFAS Requirements Under TSCA
Register

Blog

Blog
Read Assent’s blog for regulatory updates, supply chain sustainability advice, best practices, and more.

See All Blogs
Supply Chain Sustainability
Learn everything you need to know about supply chain sustainability.

Product Compliance
Get clear educational resources on key product compliance regulations.

ESG
Discover how ESG and your supply chain are connected.

Trade Compliance
Learn best practices for managing your trade requirements.

Responsible Minerals
Keep up with changing responsible minerals expectations.

REACH
Get an expert breakdown of the REACH Regulation.

On-Demand, Webinar
Unpacking the Recent Announcement on PFAS Requirements Under TSCA
Register

Events & Webinars

Live Events & Webinars
Read about upcoming events and webinars hosted by our world-class team of regulatory experts.

See Upcoming Events

On-Demand, Webinar
Unpacking the Recent Announcement on PFAS Requirements Under TSCA
Register

Training Courses

Assent University
Access comprehensive educational resources to better understand your business and regulatory requirements, and how to build your programs to mitigate supply chain risk effectively.

See Courses See Regulatory Templates

On-Demand, Webinar
Unpacking the Recent Announcement on PFAS Requirements Under TSCA
Register
Company
Company
About Us

Our Story
Learn how we became the leading supply chain sustainability management solution for the world’s most responsible complex manufacturers.

Discover Assent Why Assent
Sustainability at Assent
Read about our ESG journey and access our corporate sustainability reports.

Our Customers
See the leading manufacturers working with us to achieve supply chain sustainability.

Leadership Team
Meet the team that helped Assent become the leader in supply chain sustainability.

Guide
Supply Chain Sustainability in 2023: Evaluating Program Maturity in Complex Manufacturing
Learn More

News & Information
Newsroom
Read the latest news about Assent from around the world.

Certifications & Recognition
View our industry and technology certifications.

Alliances & Partnerships
Read more about the organizations and partners working with us to create supply chain sustainability.

Contact Us
Find out how to get in touch with us.

Guide
Supply Chain Sustainability in 2023: Evaluating Program Maturity in Complex Manufacturing
Learn More

Careers

Careers
Become an Assentee! Learn about our culture, purpose, and opportunities.

Explore Careers Current Openings

Guide
Supply Chain Sustainability in 2023: Evaluating Program Maturity in Complex Manufacturing
Learn More

The United States federal government utilizes a range of external service providers for missions and business functions that deal with and/or share federal information. As such, the protection of this information is of vital importance to the government to ensure their continued ability to carry out their operations. The National Institute of Standards and Technology (NIST) Special Publication 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” helps to protect controlled unclassified information that resides in nonfederal information systems and organizations. It requires covered contractor information systems that are not part of an IT service or system operated on behalf of the U.S. government to meet certain security requirements to preserve the confidentiality of Controlled Unclassified Information (CUI).

Learn more about NIST SP 800-171.

NIST SP 800-171 & the Defense Federal Acquisition Regulation Supplement (DFARS)

DFARS 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting is a flow-down that obligates United States Department of Defense (DoD) prime contractors to ensure their operations and supply chains meet NIST SP 800-171. All covered contractor information systems not operated on behalf of the government are required to implement security requirements outlined in NIST SP 800-171 no later than December 31, 2017. To meet these requirements, obligated companies must demonstrate acceptance of the DFARS 252.204-7012 by subcontractors and suppliers and that adequate due diligence was performed.

For more information on DFARS 252.204-7012 click here.

Cyber Incident Reporting Requirements

When a cyber incident occurs that impacts a covered contractor information system, or covered defense information within it, parties in scope of the DFARS must flow up notification of the breach to their customers. Disclosure of the breach must be made to the government contracting officer. Responsibilities under the cyber incident reporting requirement include conducting a detailed review to gather evidence of compromised information and reporting the incident to the DoD within 72 hours of it occurring. Other requirements of this DFARS flow-down include:

Completion of a cyber incident report containing required elements as specified by the DoD
Contractors and sub-contractors must have, or acquire, a DoD-approved medium assurance certificate
Submitting malicious software involved in the incident to the DoD Cyber Crime Center
Preserve any images or other related media of affected information systems for 90 days
Access to additional information or equipment for the purposes of forensic analysis
Providing the DoD with damage assessment information gathered
Identifying and marking attributional and proprietary information submitted under the cyber incident reporting requirement
Understand that information created for the DoD or not created for the DoD that is obtained by the DoD from the contractor, or derived from the information obtained, is authorized to be released to other entities under certain circumstances
All contractor activities must be conducted in accordance with applicable laws and regulations pertaining to interception, monitoring, access, use and disclosure of electronic communications and data
Understand they must uphold responsibility for other safeguarding or cyber incident reporting requirements

DFARS Compliance & NIST

Contractors to the DoD must flow-down applicable DFARS 252.204-7012 terms to in-scope suppliers and complete adequate supplier due diligence by December 31, 2017. The Assent Vendor Risk Module automates the supply chain data collection process and offers visibility into supply chain cybersecurity risks. The integrated Assent Campaign Manager facilitates the collection of survey responses and centralizes the acquisition of key verification documentation associated with the NIST, including the Plan of Action and Milestones (POA&M) and Security System Plan (SSP) documents, from suppliers. This helps your company perform the due diligence flow-downs required under DFARS and provides evidence of conformity with NIST.

Solutions

Product Compliance

ESG

Trade Compliance

By Industry

Platform & Capabilities

Platform

Services

Expertise

Resources

Content Hub

Knowledge Center

Blog

Events & Webinars

Training Courses

Company

About Us

News & Information

Careers

What Is NIST SP 800-171?

NIST SP 800-171 & the Defense Federal Acquisition Regulation Supplement (DFARS)

Cyber Incident Reporting Requirements

DFARS Compliance & NIST