NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.
Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.
An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
NIST MEP CYBERSECURITY Self-Assessment Handbook for Assessing NIST SP 800-171 Security Requirements in Response to DFARS Cybersecurity Requirements
Published
Author(s)
Patricia R. Toth
Abstract
This Handbook provides guidance on implementing NIST SP 800-171 in response to the Defense Federal Acquisition Regulation Supplement (DFARS) clause 202.254-7012 "Safeguarding Covered Defense Information and Cyber Incident Reporting." The Handbook provides a step-by-step guide to assessing a small manufacturer's information systems against the security requirements in NIST SP 800-171 rev 1, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations."
Toth, P.
(2017),
NIST MEP CYBERSECURITY Self-Assessment Handbook for Assessing NIST SP 800-171 Security Requirements in Response to DFARS Cybersecurity Requirements, Handbook (NIST HB), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.HB.162
(Accessed October 6, 2025)