<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1977396509252409&amp;ev=PageView&amp;noscript=1">
Contact a Specialist
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
Compliance Reliance
Compliance Reliance
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility

Blog

The Schellman Advantage Blog

Stay up to date with the latest compliance news from the Schellman Advantage blog.

PETER NANCARROW

Peter Nancarrow is a Senior Associate at Schellman & Company, LLC. Prior to joining Schellman in July 2017, Mr. Nancarrow worked as an Information Assurance Supervisory Senior providing audit and audit remediation services to Federal agencies. He has managed and participated on the IT portion of financial statement audits and assessments for compliance with the Federal Information System Modernization Act of 2014 (FISMA). He has also as managed the audit lifecycle and corrective action planning process for agency senior management. As a Senior Associate with Schellman, Mr. Nancarrow is focused primarily on providing FedRAMP third party assessments for organization providing cloud services to the Federal government.

Blog Feature

By: PETER NANCARROW
January 8th, 2018

Government security breaches seem to hit the news every other month—keep an eye on your investments—including potential breaches caused by contractors. What may be a surprise is the idea that the government is not sure how many contractors they even have, as the Congressional Budget Office acknowledged in 2015.  With an unknown number of contractors handling government information, there is a major concern about what security measures contractor organizations have implemented to protect the sensitive government information that they handle, possess, use, share, or receive. To help address this concern, the National Institute of Standards of Technology (NIST) published Special Publication (SP), 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, in June 2015, and Revision 1 was published in December 2016. NIST SP 800-171 defines security requirements for protecting Controlled Unclassified Information (CUI) created or possessed by non-federal entities.