New: Autonomous AI risk intelligence is live — your compliance program in 12 minutes. Get started →
← Glossary · Compliance

NIST 800-171

The 110-control baseline for protecting Controlled Unclassified Information (CUI).

NIST Special Publication 800-171 defines 110 security requirements across 14 control families — from access control to system integrity. Every DoD contractor handling CUI is required to implement them under DFARS 252.204-7012.

NIST 800-171 is the foundation of CMMC Level 2. A self-assessment score against these controls (max 110) is what gets posted to SPRS.

Related terms

See how Scarlet Risk covers NIST 800-171.

One platform for compliance, cyber, crypto, and world-watch risk.

Schedule Live Demo