Posted on

Information System Maintenance and Compliance for CUI Protection

Information System Maintenance & Compliance for CUI Protection

Maintenance Required

If you’re a small business working on a government contract that includes requirements for protection of controlled unclassified information CUI, it’s important to remember that remaining compliant is a continuous process. National Institute of Standards and Technology Special Publication 800-171 contains the guidelines for establishing and maintaining the required security processes and controls inherent in many contract terms. These requirements include maintaining and updating the systems used in support of the contract efforts.

Continue reading Information System Maintenance and Compliance for CUI Protection
Posted on

NIST SP 800-171 and DFARS Clause 7012

NIST SP 800-171 & DFARS Clause 7012 .

New Cyber Security Regulations

For small businesses planning to business with the U.S. Government and Department of Defense, new cyber security and incident reporting rules will apply. The rules can impact your contract work and the data sent, received or created as part of those efforts. These rules are primarily codified in the National Institute for Science and Technology Special Publication 800-171 Privacy Controls for Federal Information Systems and Organizations and Clause 252.204-7012 to the Defense Federal Acquisition Regulation Supplement.

Continue reading NIST SP 800-171 and DFARS Clause 7012