NIST SP 800-171 Gap Analysis
Cerberus Sentinel’s NIST SP 800-171 gap analysis is an in-depth review of your organization’s cybersecurity landscape and help determine if your organization is ready to obtain CMMC, which will be required of all DoD Contractors by 2026
Using NIST SP 800-171 to Prepare for CMMC 2.0
Level 1 includes 17 basic security requirements based on the NIST 800-171. Although the directive requires only a self-assessment, Cerberus can assist with evaluating level 1 compliance via a gap analysis.
Level 2 of the CMMC 2.0 includes all the 110 requirements from NIST 800-171, verbatim. So a gap analysis is a great starting point to determine if your organization meets these 110 required practices.
The NIST SP 800-171 gap analysis will help you:
- Get used to the process of undergoing an independent assessment and understanding requirements, assisting in future CMMC assessments
- Obtain an objective assessment to assess whether your organization has addressed the requirements and understand any gaps
- Gain assurance at both a system and enterprise level that you are exercising due diligence to protect sensitive data
- Implement a roadmap to follow ensuring proper documentation and implementation of all requirements, policies, and procedures
What you can expect:
- Collect, review, and analyze all existing documentation
- Use the Examine, Interview, and Test assessment procedures documented in NIST SP 800-171A: Assessing Security Requirements for Controlled Unclassified Information
- Provide a gap analysis report
- Conduct a Post Gap Analysis Wrap-Up to present our findings and ensure your organization understands them and agrees on our recommended remediations
- Assist with the development of a Plan of Actions and Milestones (POA&M), including achievable goals and milestones toward 800-171 compliance and preparing for CMMC certification
- Provide hands-on remediation as needed
Get Started with Cerberus Sentinel
Begin your NIST SP 800-171 gap analysis to prepare for CMMC 2.0.