Information SecurityUnited States
NIST SP 800-171 Rev 3
NIST SP 800-171 Rev 3 (May 2024). Restructured requirements for CUI protection.
Domains
Supply Chain Risk Mgmt 03.17
System Services Acquisition 03.16
Planning 03.15
System Information Integrity 03.14
System Communications Protection 03.13
Compare NIST SP 800-171 Rev 3
NIST SP 800-171 Rev 3 vs ISO 27001:2022View comparison →NIST SP 800-171 Rev 3 vs SOC 2View comparison →NIST SP 800-171 Rev 3 vs NIST CSF 2.0View comparison →NIST SP 800-171 Rev 3 vs GDPRView comparison →NIST SP 800-171 Rev 3 vs HIPAAView comparison →NIST SP 800-171 Rev 3 vs PCI DSS 4.0View comparison →
NIST SP 800-171 Rev 3 by Industry
NIST SP 800-171 Rev 3 by Role
Frequently Asked Questions
What is NIST SP 800-171 Rev 3?
NIST SP 800-171 Rev 3 (May 2024). Restructured requirements for CUI protection.
How many controls does NIST SP 800-171 Rev 3 have?
NIST SP 800-171 Rev 3 contains 97 controls organized across 34 domains.
Where does NIST SP 800-171 Rev 3 apply?
NIST SP 800-171 Rev 3 is applicable in United States. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
What frameworks does NIST SP 800-171 Rev 3 map to?
NIST SP 800-171 Rev 3 has control-to-control mappings with 7 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.
How do I get started with NIST SP 800-171 Rev 3 compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.
How ready are you for NIST SP 800-171 Rev 3?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.