Blog

NIST 800-171 Rev2 & NIST 800-171B

Posted by ComplianceForge on Jun 19th 2019

The draft of NIST 800-171 rev2 was released today. Most importantly, there are no changes to the controls (e.g., basic and derived security requirements in chapter 3) from NIST 800-171 rev 1. Howev … read more

OMB M-19-03 Compliance

Posted by ComplianceForge on May 6th 2019

In late 2018, the Office of Management and Budget (OMB) released a memorandum that pertains to strengthening cybersecurity practices for High Value Assets (HVAs), which also includes privacy consid … read more

DCMA To Begin Official NIST 800-171 Audits

Posted by ComplianceForge on Feb 4th 2019

On January 21, 2019, Ellen Lord, the Under Secretary of Defense for Acquisition and Sustainment (A&S), published a memorandum that directed the Defense Contract Management Agency (DCMA) to include … read more
​Security & Privacy by Design (S|P) Principles

​Security & Privacy by Design (S|P) Principles

Posted by ComplianceForge on Sep 7th 2018

Secure Controls Framework (SCF) Security & Privacy by Design (S|P) PrinciplesThe concept of building security and privacy into technology solutions both by default and by design is a basic expect … read more