NIST SP 800-171
Gap & Risk Assessment

Our NIST 800-171 Gap & Risk Assessment methodology will educate, inform, and guide your information security program using an industry-standard framework for securing data and systems. 0 Tolerance will assess your organization using the NIST Special Publication (SP) 800-171 families and their 110 security controls. 

This framework is especially helpful if your organization currently does business with the federal government or is in the military supply chain; from nuts and bolts on plate armor, to brake pads on transport or fighter jets, to warfighter tech on the solider’s belt, to software that drives national defense and war-fighting infrastructure. Federal and military contracts are lucrative, and if you have future plans to be in those ecosystems, this should be at the top of your to-do list. These controls are showing up in other areas too. For example, for colleges that accept federal dollars, the 800-171 is a requirement for keeping those financial aid dollars flowing.

NIST 800-171 Gap & Risk Assessment Framework

We will perform the assessment using the 320 NIST SP 800-171A assessment objectives, which detail specific implementation guidelines. The 14 overall requirement families include:

  1. Access Control
  2. Awareness and Training
  3. Audit and Accountability
  4. Configuration Management
  5. Identification and Authentication
  6. Incident Response
  7. Maintenance
  8. Media Protection
  9. Personnel Security
  10. Physical Protection
  11. Risk Assessment
  12. Security Assessment
  13. System and Communication Protection
  14. System and Information Security
nist 800-171 risk assessment

NIST SP 800-171
Gap & Risk Assessment

A valuable security assessment of your overall information security program

Security is about the Journey, not a destination