Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST MEP CYBERSECURITY Self-Assessment Handbook for Assessing NIST SP 800-171 Security Requirements in Response to DFARS Cybersecurity Requirements



Patricia R. Toth


This Handbook provides guidance on implementing NIST SP 800-171 in response to the Defense Federal Acquisition Regulation Supplement (DFARS) clause 202.254-7012 "Safeguarding Covered Defense Information and Cyber Incident Reporting." The Handbook provides a step-by-step guide to assessing a small manufacturer's information systems against the security requirements in NIST SP 800-171 rev 1, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations."
Handbook (NIST HB) - 162
Report Number


cybersecurity, security requirement, NIST SP 800-171 rev 1, NIST MEP, small manufacturer, DFARS
Created November 20, 2017, Updated November 10, 2018