NIST 800-171 Services

Contact Us Now

Do you perform work with Department of Defense?

Don’t lose out on valuable revenue sources in your contracting company by failing to implement Defense Federal Acquisition Regulation Supplement (DFARS). Allow EEC to perform scoping assessment so that your organization does not fail DoD requirements to implement the NIST SP 800-171.

Not just DoD

Contracting officers across the federal government are beginning to implement verbiage that requires NIST SP 800-171 for primes as well as sub that are bidding on contracts.

NIST 800-171 Overview

Executive Order 13556 was created and signed into order on November 4, 2010. The order establishes an open and uniform program for managing information that requires safeguarding or dissemination controls (aka Controlled Unclassified Information(CUI)).

Protecting Controlled Unclassified Information

The NIST SP 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” was published in November of 2013 by the DoD requiring the safeguarding of CUI that transit or reside on contractor information systems. The NIST 171 has 110 different security requirements that mandate contractors and vendors to implement or risk losing out on contract opportunities.

CUI Categories
  • Agriculture

  • Controlled Technical Information

  • Critical Infrastructure

  • Emergency Management

  • Export Control

  • Financial

  • Nuclear

  • Legal

  • North Atlantic Treaty Organization (NATO)

  • Geodetic Product Information

  • Immigration

  • Information Systems Vulnerability Information

  • Intelligence

  • International Agreements

  • Law Enforcement

  • Patent

  • Privacy

  • Procurement and Acquisition

  • Proprietary Business Information

  • SAFETY Act Information

  • Statistical

  • Tax

  • Transportation

NIST 800-171 Categories
  • Access Control

  • Audit and Accountability

  • Awareness and Training

  • Configuration Management

  • Identification and Authentication

  • Incident Response

  • Maintenance

  • Media Protection

  • Physical Protection

  • Personnel Security

  • Risk Assessment

  • Security Assessment

  • System and Communications Protection

  • System and Information Integrity


EEC provides an in-depth Scoping Assessment that assists an organization in understanding exactly what is in scope and determined to be CUI, alleviating the risk of over-scoping and paying unnecessary money in implementing solutions that do not meet the requirements of NIST 171.

With EEC, you work with top professionals in the industry who have multiple years of experience implementing controls for various compliance standards to include the NIST 171. At a fraction of the cost and time it would take to implement a team in house, EEC will save your organization hundreds of thousands of dollars by offering flexible packages that will answer ALL the categories and controls required by the NIST 171.


More Info

We offer a range of HIPAA security, privacy, and breach notification audit services to help our clients identify and prioritize compliance needs.


Risk Assessment

More Info

Risks are an inevitable part of the business. However, the success of your organization depends on your ability to manage and respond to risks properly.


More Info

Leverage our Proven Process Package and ISMS/ISO subject matter expertise to gain ISO certification.


More Info

We are committed to ensuring access and affordability for our clients.