The Security Auditor's Guidebook for NIST 800-171: A Comprehensive Approach to Cybersecurity Validation and Verification

THE COMPLETE NIST 800-171 SECURITY AUDITOR'S GUIDEThis book supports the federal government and its contracted support personnel in efficiently and effectively validating and verifying that businesses meet the new federal cybersecurity contract requirements. While NIST 800-series describe "what" to do, this series is designed to help security professionals on "how" to properly inspect the 110 NIST 800-171 security controls.It is written based upon NIST and federal government best-practices to ensure companies, their prime and subcontractors, have properly secured their Information Technology (IT) environments connected to federal agencies' vast arrays of IT networks. Furthermore, NIST 800-171 is more specifically about protecting Controlled Unclassified Information (CUI) from loss, damage or compromise. The expanded requirement is designed to create a more secure US and international IT environment responsive and proactive to both internal and external cyber-threats.