0 Reviews
$5,500.00 $4,950.00
(You save $550.00)
Email Delivery Within 1-2 Business Days

NIST 800-171 Bundle 5: NCP-CIRP

Maximum file size is 4.88 MB, file types are jpg, gif, tiff, bmp

NIST 800-171 Compliance Bundle #5 (10% Discount)

This is bundle is basically the same as NIST 800-171 bundle #2, but is tailored for small and medium businesses that do not want the added complexity of NIST 800-53 alignment. 



Products Included in NIST 800-171 Compliance Bundle #5

This package contains the NCP and the CIRP products:

NIST  800-171 Compliance Program (NCP)

The NCP is comparable to the NCC Bundle #1 that provides the NIST 800-53 based version of these products, but offers a price break of over $700! ComplianceForge took existing documentation and pared it down for smaller organizations that do not need or want the complexity of NIST 800-53 when complying with NIST 800-171. The NCP includes the following documents as part of its own unique bundle:

  • NIST 800-171 Compliance Program - Microsoft Word document that addresses NIST 800-171 policies and standards.
  • Cybersecurity Standardized Operating Procedures (CSOP) - Microsoft Word document that contains cybersecurity procedures that correspond to the policies and standards.
  • System Security Plan (SSP) - Microsoft Word document that is a simplified version of our SSP product.
  • NIST 800-171 Cybersecurity Program Mapping - Microsoft Excel document that contains several components:
    • Plan of Action & Milestones (POA&M) template.
    • Mapping from the NCP to NIST 800-171, NIST 800-53, NIST 800-160, ISO 27002 and NIST CSF.
    • Methods to comply with NIST 800-171 (essentially a pared down NIST 800-171 Compliance Criteria (NCC) spreadsheet)
    • Roles and responsibilities (corresponds to the Cybersecurity Standardized Operating Procedures)
  • Cybersecurity Awareness Training - Microsoft PowerPoint template to provide cybersecurity awareness training.

Cybersecurity Incident Response Program (CIRP)

  • The CIRP addresses the “how?” questions for how your company manages cybersecurity incidents.
  • This is primarily an editable Microsoft Word document, but it comes with Microsoft Excel and Microsoft Visio templates.
  • In summary, this addresses fundamental needs when it comes to incident response requirements:
    • Defines the hierarchical approach to handling incidents.
    • Categorizes eleven different types of incidents and four different classifications of incident severity.
    • Defines the phases of incident response operations, including deliverables expected for each phase.
    • Defines the Integrated Security Incident Response Team (ISIRT) to enable a unified approach to incident response operations.
    • Defines the scientific method approach to incident response operations.
    • Provides guidance on how to write up incident reports (e.g., lessons learned).
    • Provides guidance on forensics evidence acquisition.
    • Identifies and defines Indicators of Compromise (IoC).
    • Identifies and defines sources of evidence.   
  • The CIRP contains “tabletop exercise” scenarios, based on the categories of incidents.
  • This helps provide evidence of due care in how your company handles cybersecurity incidents.
  • The CIRP is based on leading frameworks, such as NIST 800-37, NIST 800-39, ISO 31010 and COSO 2013.


Related Products

Related Products


Find Out Exclusive Information On Cybersecurity