Defense Dept. plans to finalize rulemaking in December allowing officials to assess compliance with NIST standard

The Pentagon is planning to issue a final rule in December establishing a regime for DOD acquisition officials to conduct assessments of a contractor’s compliance with NIST Special Publication 800-171.

The December final rule concerns the NIST 800-171 Assessment Methodology, which “enables DoD to assess contractor implementation of the cybersecurity requirements in NIST SP 800-171, Protecting Controlled Unclassified Information (CUI) In Nonfederal Systems and Organizations,” according to the Spring 2022 Unified Agenda of Regulatory and Deregulatory Actions. The agenda...