Skip to Main Content
Select regional store:
NIST SP 800-171 DoD Assessment

NIST SP 800-171 DoD Assessment

SKU: 5719
Format: Consultancy
Availability: Available

A specialist, in-person review of your current cybersecurity posture against the requirements of NIST SP 800-171.

This service will identify your NIST SP 800-171 compliance gap and provide expert advice on how to scope your system security project in preparation for the CMMC (Cybersecurity Maturity Model Certification).

Meeting CMMC requirements is necessary for all organizations contracting with the DoD (U.S. Department of Defense).

For more information about this service or to get a tailored quote for your organization, please inquire below and one of our experts will be in touch shortly.Inquire about this service
Product description

What will be provided

Our NIST SP 800-171 DoD Assessment will provide you with:

  • A NIST SP 800-171 gap analysis
  • An SSP (system security plan)
  • a remedial action plan
  • An initial assessment score to input into the SPRS (Supplier Performance Risk System)

Download the full service description

Understand your NIST SP 800-171 compliance position

An experienced consultant will assess your organization’s current cybersecurity posture against the NIST SP 800-171 controls. We will then provide a detailed breakdown of your security posture and an action plan that sets out and prioritizes key issues your organization must address to be compliant with NIST SP 800-171. We will also produce an SSP that documents and demonstrates how the NIST SP 800-171 controls are being implemented within your organization.

We will then provide an initial assessment score to input into the DoD’s SPRS.

Why get a NIST SP 800-171 DoD Assessment?

On September 29, 2020, the DoD issued its interim rule for its CMMC framework. Starting November 30, 2020, all contractors must have an assessment of their compliance with NIST SP 800-171 in order to receive a new contract or an extension to an existing contract. Specifically, organizations must have an assessment score, no more than three years old, inputted into the DoD’s SPRS before a contract is awarded.

Our assessment covers all the interim rule requirements, including production of an SSP and the initial assessment score for the SPRS.



The price quoted applies to single-entity organizations of up to 200 staff and with all key personnel (senior management, HR managers, compliance, IT, sales, marketing, and procurement) based at a single site.

If you have more than 200 employees, please fill out a form for a custom quote.

Why IT Governance?

Why choose us?

  • We have an in-depth understanding of the NIST SP 800-171 requirements and how they should be met
  • Our specialist team has extensive experience in information security, data protection, policy management, and controls implementation
  • Our transparent proposals are fixed price, so you won’t get any surprises
  • You will have access to a dedicated account manager throughout the project

Customer reviews

This website uses cookies. View our cookie policy