Hi all, cross posting from the Cybersecurity sub.

Does anybody know of a free to use/very cheap spreadsheet that lists out what policies/procedures and tools are needed to implement 800-171? I.e. control 3.5.3 says to use "multifactor authentication" there would be a column next to it that says use two-factor SMS or email. Boss gave me this task and I'd rather not spend the next two weeks of my life going through every control if I don't have to.

To answer a question that was posed on the other post, the standard excel spreadsheet NIST puts out isn't what I'm looking for. We are essentially trying to dumb down that spreadsheet for our sub-orgs.

Thanks!