NIST SP 800-171 Assessments for DoD Contractors

Obtaining and demonstrating compliance with the new National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 regulations does not need to be difficult or expensive. IAPMO R&T is fully prepared to perform NIST SP 800-171 gap analysis and compliance assessments for Department of Defense primary and subcontractors all over the United States to help them comply with Defense Federal Acquisition Regulation Supplement (DFARS) regulations. We have streamlined the entire compliance process, reducing the time and resources needed for you to comply.

The two-step process consists of a gap analysis and a compliance assessment.


The gap analysis discovers gaps between your current NIST SP 800-171 program and the new NIST SP 800-171 requirements. Our highly qualified assessment team will take a close look at your network and procedures and will interview your internal IT team to determine the level of NIST SP 800-171 compliance. Our assessment team will provide you with a detailed gap analysis report identifying gaps and ideas on how to fill them so that you and your team can create your own remediation plan for NIST SP 800-171 compliance.

The gap analysis also includes:

  • CMMC Level 3: Our team will provide a detailed gap analysis report identifying the necessary steps to become CMMC Level 3 compliant.
  • System Security Plan (SSP): This document identifies the functions and features of your information system, including the Plan of Action and Milestones (POA&M). The POA&M is a document that outlines the action items needed to reach compliance and the timeline to get there. In its final guidance, the Department of Defense states that an SSP and a POA&M are required in order to prove you are working toward a state of compliance.

The gap analysis only costs $2,000 and can be completed remotely in one day. On-site assessment is offered at the client’s request.


Once the gaps in the gap analysis report have been addressed and your organization is ready to verify compliance to NIST SP 800-171 and CMMC Level 3, IAPMO R&T can provide a compliance assessment. Once the items in the compliance assessment have been addressed, IAPMO R&T will provide you with a NIST SP 800-171 Compliance Certification.

Contact us today at (877) MY-ISO-1 or to schedule your compliance assessment!