800-171

NIST 800-171 3.9.1 Screen individuals prior to authorizing access to organizational systems containing CUI.
Description:    Personnel security screening (vetting) activities involve the evaluation/assessment of individual’s conduct, integrity, judgment, loyalty, ...
Wed, 12 Jul, 2023 at 4:11 AM
NIST 800-171 3.9.2 Ensure that organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers
Description:    Protecting CUI during and after personnel actions may include returning system-related property and conducting exit interviews. System-rela...
Wed, 12 Jul, 2023 at 4:07 AM
NIST 800-171 3.10.1 Limit physical access to organizational systems, equipment, and the respective operating environments to authorized individuals.
Description:    This requirement applies to employees, individuals with permanent physical access authorization credentials, and visitors. Authorized indiv...
Wed, 12 Jul, 2023 at 4:02 AM
NIST 800-171 3.10.2 Protect and monitor the physical facility and support infrastructure for organizational systems.
Description:    Monitoring of physical access includes publicly accessible areas within organizational facilities. This can be accomplished, for example, b...
Wed, 12 Jul, 2023 at 3:59 AM
NIST 800-171 3.10.3 Escort visitors and monitor visitor activity.
Description:    Individuals with permanent physical access authorization credentials are not considered visitors. Audit logs can be used to monitor visitor...
Sat, 8 Jul, 2023 at 2:25 PM
NIST 800-171 3.10.4 Maintain audit logs of physical access.
Description:    Organizations have flexibility in the types of audit logs employed. Audit logs can be procedural (e.g., a written log of individuals access...
Wed, 12 Jul, 2023 at 3:51 AM
NIST 800-171 3.10.5 Control and manage physical access devices.
Description:    Physical access devices include keys, locks, combinations, and card readers.  Priority: High    Category: Physical Security  Se...
Wed, 12 Jul, 2023 at 3:48 AM
NIST 800-171 3.10.6 Enforce safeguarding measures for CUI at alternate work sites.
Description:    Alternate work sites may include government facilities or the private residences of employees. Organizations may define different security ...
Wed, 12 Jul, 2023 at 3:38 AM
NIST 800-171 3.11.1 Periodically assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals, resulting from the operation of organizational systems and the assoc
Description:    Clearly defined system boundaries are a prerequisite for effective risk assessments. Such risk assessments consider threats, vulnerabilitie...
Tue, 11 Jul, 2023 at 7:04 AM
NIST 800-171 3.11.2 Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified.
Description:    Organizations determine the required vulnerability scanning for all system components, ensuring that potential sources of vulnerabilities s...
Sat, 8 Jul, 2023 at 2:48 PM