Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-171 has Major Impact on ACT Aerospace


Since 2004, ACT Aerospace has been a leader in the aerospace and defense industry. ACT creates crucial components on some of the most respected aircraft in the industry and has earned a position based on reputation for quality engineering. The company is headquartered in Gunnison, Utah, with 52 employees. ACT's capabilities include hand laid-up laminate construction, filament winding, composite compression molding and large autoclave/oven curing.

The Challenge

As a supplier to the aerospace industry, ACT Aerospace must maintain certain certifications regarding the quality of their work. A key client demanded a review of DFARS compliance, particularly focused on reviewing ACT's NIST 800-171 to demonstrate cybersecurity requirement compliance.
ACT Aerospace appreciates iMpact Utah’s expertise for our cybersecurity need. We understand the importance of being DFARS compliant in our industry. We already have experienced staff in the field and Impact was able to help us tighten things up in a few key areas. The plan we jointly developed works for us, we can update it, and it will live on after they leave.
— Bret Ashton , Head of Business Development

MEP's Role

iMpact Utah, sub-Recipient of the University of Utah MEP and part of the MEP National Network™, worked with the key members of ACT Aerospace team to review the current state of cybersecurity within the company. As part of this project, iMpact trained staff with NIST SP 800-171 Cybersecurity guidelines and requirements and helped them to maximize current IT technology and staff capability. iMpact also worked with ACT to develop a cybersecurity plan. The company’s client approved the plan and allowed the order pipeline to continue. As a result of this project, ACT also has documentation to prove they are following the guidelines and requirements for DFARS compliance

Created October 27, 2020, Updated July 12, 2021