Becoming NIST SP 800-171 compliant

old.reddit.com / @/u/koach44, https://old.reddit.com/user/koach44

Hey all,

I have a company(A) ho is looking to purchase products that my company makes. Company A required us to be NIST certified. I am working with IT today to go through the questionnaire. I have a few questions because although we are a very large organization we do not have this certification.

-Our location runs “separately” from corporate. Can we fill these questions out per our location?

-what is the “system” that it calls out in system identification. Is that firewalls…ERP….etc?

  • is there a cost associated with becoming complaint?

-is there an Audit required for this?

Honestly, we have no guidance for this process so any help would be very appreciated!

submitted by /u/koach44
[link] [comments]

published 7 months ago


Previous

Looking for a little help with self-assessment of 800-53r5
published 7 months ago

Next

3.4.8 Application Control on Linux?
published 7 months ago
See all items from the same source