Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships

NIST 800-171

Assess compliance with the NIST 800-171 standard for protecting controlled unclassified information (CUI)

Contact a Specialist Build Your Compliance Roadmap

NIST 800-171 Middle

What is NIST 800-171?

For some time, the US Department of Defense has been working to revise its funding procurement procedures referred to as the Defense Federal Acquisition Regulation Supplement, or DFARS. Most important among all the details are the included requirements in the regulations (under 252.204-7012), which mandate that defense contractors meet the NIST special publication (SP) 800-171 standard that deals with Controlled [but] Unclassified Information (CUI).

NIST 800-171, unlike NIST 800-53, was written for non-government entities such as government contractors and service providers. With that being said, though NIST 800-171 is required for contractors, the DFARS regulation also necessitates the more comprehensive FedRAMP authorization for cloud service providers.

NIST 800-171 Middle

Your NIST 800-171 Specialist,
Doug Barbin

Doug Barbin is a managing principal and firm-wide leader for cyber security and compliance services. He works with many of the world's leading cloud computing, federal, FinTech, healthcare, AI, and security provider clients.
  • Fixed-Fee Using an outcome-based, fixed-fee pricing model based on our extensive experience
  • Scope Creep We see less than 5% of our clients that see amendments and are often the result of a scope expansion
  • Low Overhead Low overhead means a flexible financial structure

How much will your audit cost?

Whether it is an ISO 27001 certification, SOC 2 examination or a FedRAMP assessment, companies are often challenged by the need to address customer requirements while ensuring a return on compliance investment.

The most important factor in scoping a potential assessment is understanding what deliverable the recipient (i.e. your customer or partner) is expecting.

Once we have scoped your environment and needs, there are several factors that contribute to Schellman’s pricing:

  • Fixed-Fee Using an outcome-based, fixed-fee pricing model based on our extensive experience
  • Scope Creep We see less than 5% of our clients that see amendments and are often the result of a scope expansion
  • Low Overhead Low overhead means a flexible financial structure

Contact Us

Fill out this form to talk with one of our specialists. We'll be in touch soon to continue the conversation and help you find what you're looking for.

Contact Us

Fill out this form to talk with one of our specialists. We'll be in touch soon to continue the conversation and help you find what you're looking for.