Cybersecurity

Josef Kamara, CPA, CISSP, CISA · Updated May 6, 2026 · 1 minute read

NIST SP 800-171

NIST Special Publication 800-171 defines 110 security requirements for protecting Controlled Unclassified Information in nonfederal systems. CMMC Level 2 maps directly to NIST SP 800-171 Revision 2, making it the operational foundation for defense contractor cybersecurity certification.

From the library

The full analysis on NIST SP 800-171.

The article is where the term meets the practitioner. Read how this concept actually shows up in audit, in remediation, and in the boardroom.

Read the analysis →
The Authority Brief

One compliance analysis per week from Josef Kamara, CPA, CISSP, CISA. Federal and private compliance, written for practitioners.