NIST IT Risk Assessment Services

The National Institute of Standards and Technology (NIST) has prescribed several methodologies for an organization to assess, evaluate, and mitigate their overall risk related to Information Security. 

NIST Cybersecurity Framework

The NIST Cybersecurity Framework was developed in response to the changing threat landscape related to critical infrastructure. The NIST Cybersecurity Framework aims to have organizations consider cybersecurity risks as part of the organization's overall risk management process. There are six functions (core) of the Framework:NIST Cybersecurity Core.png

NIST SP 800-171

Today, more than at any time in history, the federal government is relying on external service providers to help carry out a wide range of federal missions and business functions. By December 31, 2017, all contractors and subcontractors must demonstrate appropriate physical and logical safeguards related to the unclassified controlled information they possess by having an IT Security Risk Assessment to the NIST SP 800-171 requirements. The key areas evaluated in this type of an assessment include: 

NIST 800 171 Control Areas V 2.png

Whether you are trying to secure your organization's key systems as a best practice or you are a contractor/subcontractor for the Federal Government, Compass will assist your organization by completing the NIST IT Risk Assessment you need. Contact us today for more detailed information.

Download: NIST IT Risk Assessment Brochure