On September 29, 2020, the U.S. Department of Defense (DoD) issued an interim rule to implement a DoD Cybersecurity Assessment Methodology. The purpose is to assess contractor implementation of cybersecurity requirements and to enhance the protection of Controlled Unclassified Information (CUI) within the DoD supply chain. All DoD contractors needed to be compliant with NIST SP 800-171 by November 30, 2020 to be eligible to receive contracts from the DoD.
GovSmart is pleased to announce that it is compliant with 110 of the 110 requirements. To achieve this score, GovSmart has worked hard to put the appropriate IT infrastructure in place to properly manage cybersecurity and to safeguard CUI. GovSmart also updated its policies and procedures to document the proper use of GovSmart IT equipment and networks, including the handling of CUI. All applicable employees now have the resources available to know the best practices for handling sensitive information.
The full NIST SP 800-171 publication is available here.