NIST SP 800-171


Manage compliance with NIST SP 800-171 while you manage all your IT other requirements. Satisfy the CMMC Interim Rule at the same time!

Download Datasheet

Full-Featured to Manage the NIST (SP) 800-171 Compliance Along with All Your Other IT Requirements

Compliance Manager GRC is simple to use, and you don’t have to be a compliance expert to manage the specific parameters for NIST SP 800-171 compliance. Compliance Manager GRC automatically loads the specific requirements and controls you need to implement to comply. Best of all, you can also track everything that’s in scope for your IT operation at the same time, and on the same dashboard, regardless of source.

Perform and Score a NIST (SP) 800-171 Self-Assessment

Under the DoD CMMC Interim Rule, contractors are required to complete a self-assessment and submit their score to confirm their compliance with NIST (SP) 800-171 before they can be awarded DoD contracts. Compliance Manager GRC’s built-in Rapid Baseline Assessment can quickly walk you through each of the 110 controls to create a baseline assessment and initial score using the scoring methodology dictated by DFARS clause 252.204– 7020 to generate an itemized scorecard for each of the 110 controls included in NIST (SP) 800-171.

Get a Demo
To see Compliance Manager GRC in action, download the full set of NIST SP 800-171 Compliance Reports.
Get Reports

Featured Product Highlights For NIST (SP) 800-171

Compliance Manager GRC allows you to use all of your current IT security tools, software and systems to meet the requirements of NIST 800-171 . . . while you maintain compliance with all your other IT requirements, regardless of source. The built-in Standard Management Templates allow you to quickly determine if you can “check the boxes” for every control, identifies the gaps, and automatically prepares all of the documents you need to comply with the regulation.

Here are a few of the value-added features you get:

Rapid Baseline Assessments – Quickly identify gaps where you are not compliant with the law

Technical Risk Assessments – Full risk assessment to meet the NIST (SP) 800-171 security requirements

Auditor’s Checklist – Easy access for auditor to quickly verify compliance with every requirement

Plan of Action & Milestones – Tracking and management of things you need to do to become compliant

Policies & Procedures Manual – Required documentation of everything you need to do.

Automated Documentation & Storage – Helps speed up the review process in the event of an audit or law suit.

Bullphish Integration – Helps with end-user training



The CMMC Interim Rule came into effect on November 30, 2021. But the new process was so complex, the DoD established a 5-year implementation time frame, and established the Interim Rule to bridge the gap. Within a year, CMMC 2.0 was announced, simplifying the process. But the 5-year implementation schedule remained in place, and the Interim Rule is still in place, and 800-171 is still the defacto standard to follow.


800-171 requirements include specific policies and procedures that employees must follow. Compliance Manager GRC includes an Employee Portal to track and enforce employee security awareness training and CMMC policy compliance attestation.


Whether complying with the requirements of the NIST (SP) 800-171, tracking the terms of your cyber risk insurance policy, or making sure your own IT policies and procedures are being followed, Compliance Manager GRC helps you Get IT All Done at the same time, and in the same place. No other Compliance Management software gives you this kind of flexibility.


Assuring compliance with NIST (SP) 800-171 – as well as all your other IT requirements such as CMMC Interim Rule – is easy with Compliance Manager GRC. You get more work done with less labor, thanks to automated data collection, automated management plans, and automated document generation.


Compliance Manager GRC is affordable, yet boasts the power and functionality most often found in expensive, enterprise-class governance, risk, and compliance platforms. Whether you manage compliance for your own organization, or are an MSP delivering compliance-as-a-service, there’s a sensible subscription for you.

Overcome the Biggest IT Challenges and Responsibilities

  • Reduce Risk
  • Reduce Complexity
  • Save Money
Get a Demo