Step from NIST SP 800-171 to CMMC Compliance
Why defense contractors should validate their DFARS cybersecurity compliance now to prepare for CMMC
3 Reasons to Assess NIST SP 800-171 Compliance Now!
1 Current defense contractors are required to comply with NIST SP 800-171
2 Noncompliance with NIST SP 800-171 could result in a False Claims Act (FCA) action.
3 NIST SP 800-171 is a steppingstone to CMMC Level 3 compliance.
Defense Contractors Must Comply with NIST SP 800-171 Now
A NIST SP 800-171 Readiness Assessment is a substantial step forward to CMMC compliance. The Department of Defense has not officially released CMMC requirements and training. So complying with CMMC requirements can prove challenging. Nonetheless, CMMC is on track to become a defense contract requirement, beginning in 2021.
CMMC does not permit contractors to have security gaps. Many companies may find mitigating compliance gaps could take months.
The Carrot
NIST SP 800-171 is at the root of CMMC compliance. Companies seeking to capitalize on CMMC compliance at the expense of less diligent competitors are performing NIST SP 800-171 Readiness Assessments now!
Companies seeking to capitalize on CMMC compliance at the expense of less diligent competitors are performing NIST SP 800-171 Readiness Assessments now!
The Stick
No company wants the reputation as the weakest link in the US defense supply chain. Worse, no company wants to be publicly called out for it and and fined. Noncompliance with NIST SP 800-171 could result in a False Claims Act (FCA) action. Note: whistleblowers initiate 72 percent of FCA cases.
NIST SP 800-171 is a Steppingstone to CMMC Level 3
Companies that are currently compliant with NIST SP 800-171’s 110 controls are only a short step from CMMC Level 3 compliance.
How NIST 800-171* compares to CMMC v1.02
CMMC vs NIST SP 800-171
NIST 800-171 Assessments go a long way to preparing companies for CMMC Readiness. All of CMMC Level 1 controls are in NIST 800-171. NIST 800-171 contains all but 20 of the 130 CMMC Level 3 Security Practices.
* Includes 800-171 R2 & 800-171B
NIST SP 800-171 to CMMC Comparison by Control
