An official website of the United States government
Here's how you know
Official websites use .mil
A
.mil
website belongs to an official U.S. Department of Defense organization in the United States.
Secure .mil websites use HTTPS
A
lock (
lock
)
or
https://
means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.
Skip to main content (Press Enter).
ABOUT
Our Core Values
Our Core Attributes
Mission
Our Heritage
About
LEADERSHIP
Secretary of the Navy
Flag Officer Biographies
Chief of Naval Operations
Vice Chief of Naval Operations
Master Chief Petty Officer of the Navy
Chief of Naval Personnel
Senior Executives
Leadership
PRESS OFFICE
Press Briefings
Press Releases
Testimony
Speeches
Statements
News Stories
Press Office
ALL HANDS
PAY & PERSONNEL
MyNavy HR
Contact MyNavy Career Center
Military Careers
Civilian Careers
Pay & Personnel
RESOURCES
Photo Gallery
Videos
Graphics Gallery
Social Media Directory
App Locker
Browse by Topic
Podcasts
Plan of the Month
DUSN Intelligence and Security
Navy Chaplain Corps
Fact Files
RSS Feeds
Frequently Asked Questions
ALNAV and NAVADMIN Messages
Contact Us
Resources
TRANSLATE
Search
Home
Resources
Videos
Home
Resources
Videos
ABOUT
Our Core Values
Our Core Attributes
Mission
Our Heritage
LEADERSHIP
Secretary of the Navy
Flag Officer Biographies
Chief of Naval Operations
Vice Chief of Naval Operations
Master Chief Petty Officer of the Navy
Chief of Naval Personnel
Senior Executives
PRESS OFFICE
Press Briefings
Press Releases
Testimony
Speeches
Statements
News Stories
ALL HANDS
PAY & PERSONNEL
MyNavy HR
Contact MyNavy Career Center
Military Careers
Civilian Careers
RESOURCES
Photo Gallery
Videos
Graphics Gallery
Social Media Directory
App Locker
Browse by Topic
Podcasts
Plan of the Month
DUSN Intelligence and Security
Navy Chaplain Corps
Fact Files
RSS Feeds
Frequently Asked Questions
ALNAV and NAVADMIN Messages
Contact Us
TRANSLATE
Playlist:
Search Results
Video by Michael Dunbar, Chad Hilton, Douglas Key
Player Embed Code:
<iframe width='500' height='300' scrolling='no' frameborder='0' style='border: none; overflow: hidden; width: 500px; height: 300px;' allowtransparency='true' src='https://www.dvidshub.net/video/embed/807319'></iframe>
Download
Embed
Share
Cybersecurity Compliance: An Introduction to DFARS 252.204-7012 and NIST SP 800-171 Requirements
Defense Contract Management Agency
July 20, 2021 | 6:29
A presentation of the concepts related to the regulatory requirements governing contractor cybersecurity and the handling of Controlled Unclassified Information, as well as the process of attaining and demonstrating compliance through assessment.
Glossary of Terms:
DCMA
Defense Contract Management Agency; administrating agency of the Defense Industrial Base Cybersecurity Assessment Center
Prime
Prime contractor; works directly with the government, manages any subcontractors, and are responsible for ensuring that the work is completed as defined in the contract
Sub
Subcontractor; supplier, distributor, vendor, or firm that furnishes supplies or services to or for a prime contractor or another subcontractor
Enclave
Section of an internal network that is subdivided from the rest of the network which operates in the same security domain and shares the protection of a single, common, continuous security perimeter
Basic (Contractor Self-Assessment) NIST SP 800-171 DoD Assessment (also referred to as ‘Basic’ or ‘Basic Assessment’)
The Basic Assessment is the Contractor’s self-assessment of NIST SP 800-171 implementation status, based on a review of the system security plan(s) associated with covered contractor information system(s), and conducted in accordance with NIST SP 800-171A….and Section 5 and Annex A of [the NIST SP 800-171 DoD Assessment Methodology].
Medium NIST SP 800-171 Assessment (also referred to as ‘Medium’ or ‘Medium Assessment’)
The Medium Assessment is conducted by DoD personnel who have been trained in accordance with DoD policy and procedures to conduct the assessment...will consist of a review of the system security plan description of how each requirement is met to identify any descriptions which may not properly address the security requirement. (see NIST SP 800-171 DoD Assessment Methodology)
High (On-Site or Virtual) NIST SP 800-171 DoD Assessment (also referred to as ‘High’ or ‘High Assessment’)
The High Assessment, conducted by DoD personnel who have been trained in accordance with DoD policy and procedures to conduct the assessment, requires a thorough on-site or virtual verification/examination/demonstration of the Contractor’s system security plan and implementation of the NIST SP 800-171 security requirements. (see NIST SP 800-171 DoD Assessment Methodology)
Resources:
Supplier Performance Risk System (SPRS)
https://www.sprs.csd.disa.mil/
OUSD(A&S) Strategically Assessing Contractor Implementation of NIST SP 800-171 site
https://www.acq.osd.mil/dpap/pdi/cyber/strategically_assessing_contractor_implementation_of_NIST_SP_800-171.html
NIST SP 800-171 Rev. 2
https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final
NIST SP 800-171A
https://csrc.nist.gov/publications/detail/sp/800-171a/final
DoD Procurement Toolbox – Cybersecurity in DoD Acquisition Regulations
https://dodprocurementtoolbox.com/site-pages/cybersecurity-dod-acquisition-regulations
**LATEST VERSIONS AS OF THE TIME OF VIDEO PUBLICATION.**
More
Tags
Defense Contract Management Agency
dcma
DIBCAC
Defense Industrial Base Cybersecurity Assessment Center
NIST SP 800-171
More
Up Next
Now Playing
Cybersecurity Compliance: An Introduction to DFARS 252.204-7012 and NIST SP 800-171 Requirements
More Videos
Google Translation Disclaimer
Guidance-Card-Icon
Dept-Exclusive-Card-Icon