NIST Compliance

If you are a government supplier that requires NIST, we can help you get there!


The purpose of the National Institute of Standards and Technology (NIST) compliance is to protect an organization’s controlled unclassified information. A new clause requires that contractors and some subcontractors be NIST 800-171 compliant.

RMS Associates can save you from anxiety and irritation by helping to prepare your business. It is time to get serious about cyber security!

If you are a Department of Defense contractor or you deal with Controlled Unclassified Information (CUI) or other Covered Defense Information (CDI), you must comply with the Defense Federal Acquisition Regulations in order to keep your contracts and bring your level of security up to standard. Furthermore, you need to set up your information systems and policies according to the specifications in these new, mandatory requirements. While your overall network needs to be assessed, you can reduce implementation costs by focusing on the compliance of CUI and CDI.

The clauses in DFARS 252.204-7012, “Safeguarding Covered Defense Information and Cyber Incident Reporting” are the regulatory clauses with which all Department of Defense contractors must comply:

  • provide adequate security for all covered contract information and
  • report any cyber incident that may affect covered defense information.

Implement changes such as adding two factor authentication and ensuring that there are no shared passwords. In addition to protecting information from theft, the contractor must also ensure that their cloud service provider meets all security requirements in the Federal Risk and Authorization Management Program.

If a cyber threat occurs, you must report it within 72 hours on the Defense Industrial Base Network portal. You must also report it to the prime contractor. Contractors must abide by regulations for isolating, preserving, and submitting required details of the breach to the Cyber Crime Center.

Failure to fulfill these compliance requirements may result in:

  • Liquidated damages
  • Termination for default or convenience
  • Liability under the False Claims Acts
  • Suspension or elimination by the government

Many have found that their prime contractors are insisting they be compliant even sooner than the specified date. They do not want to be liable for non-compliance.

If you want to save yourself the time and headache of trying to become an expert on NIST 800-171 yourself, contact RMS Associates to get a free quote on how we can help you become compliant before it’s too late!

Contact Us

  • This field is for validation purposes and should be left unchanged.

Contact Us

  • This field is for validation purposes and should be left unchanged.

Contact Us:

RMS Associates, Inc.

1850 Lake Park Drive

Suite 200

Smyrna, GA 30080

tel 770-988-9640

fax 770-988-9695