Skip to main content
Skip table of contents

Axon NIST 800-171 Compliance Bundle

National Institute of Standards and Technology Special Publication (SP) 800-171 - Axon Compliance Bundle

Disclaimer: Organizations are not required as a matter of law to comply with this document, unless legislation, or a direction given under legislation or by some other lawful authority, compels them to comply. This document does not override any obligations imposed by legislation or law. Furthermore, if this document conflicts with legislation or law, the latter takes precedence.

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

The National Institute of Standards and Technology 800-171 (NIST 800-171) provides federal agencies with recommended security requirements for protecting the confidentiality of controlled unclassified information (CUI) when the information is resident in nonfederal systems and organizations. The requirements apply to components of nonfederal systems that process, store, or transmit CUI or that provide protection for such components. The security requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations.

SP 800-171 security requirements represent a subset of the controls in NIST 800-53 that are necessary to protect the confidentiality of CUI. The security requirements are organized into 17 families. Each family contains the requirements related to the general security topic of the family.

NIST 800-171 Control Families

Identifier

Control Family

AC

Access Control

AT

Awareness and Training

AU

Audit and Accountability

CA

Assessment, Authorization, and Monitoring

CM

Configuration Management

IA

Identification and Authentication

IR

Incident Response

MA

Maintenance

MP

Media Protection

PE

Physical and Environmental Protection

PL

Planning

PS

Personnel Security

RA

Risk Assessment

SA

System and Services Acquisition

SC

System and Communications Protection

Sl

System and Information Integrity

SR

Supply Chain Risk Management

LogRhythm’s NIST 800-171 content provides augmented and direct support for multiple NIST 800-171 controls through a collection of pre-bundled searches, lists, dashboards, and reports. All Dashboards are supplied with data from the underlying searches. You can then schedule reports from the searches for periodic generation and delivery, or generate them on demand. To identify areas of non-compliance in real-time, you can leverage the dashboard for immediate analysis of activities that impact your organization's in-scope data systems.

Please refer to our User Guide for detailed information and implementation guidance on the included searches, lists, and dashboards.

NIST 800-171 content can be obtained from the compliance folder within the Axon Content GitHub repository.

Additional Resources

The NIST standards website (NIST 800-171) provides the following additional resources to assist organizations with their NIST 800-171 compliance and assessments:

  • Document Library, including:

    • SP 800-171 Rev. 3 - Available in multiple formats including PDF and Excel

    • SP 800-171A Rev. 3 - This document contains the assessment guidance for all controls in 800-171. This is how the controls will be evaluated and is critical to understanding the requirements to evidence control effectiveness.

    • Additional documents that include references to CUI recognition and analysis of changes from Rev. 2.

Refer to the Document Library at NIST 800-171 for information about these and other resources.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.