tags: #publish links: [[Software and Tech]], created: 2021-07-24 Sat --- # NIST 800-171 A standard mainly for companies involved in US Government defense contracting and supply chain. It sets out "recommended" requirements for **protecting the confidentiality of Controlled Unclassified Information** (CUI), e.g. relating to defense contracts. https://www.nist.gov/blogs/manufacturing-innovation-blog/what-nist-sp-800-171-and-who-needs-follow-it-0 ## Application It is required by US Government Defense Federal Acquisition Regulation Supplement (DFARS) - i.e otherwise you aren't getting the government contract; see [[Competitive Compliance]]. A related broader federal information system standard is [[NIST 800-53]].