NIST SP 800-171 & CMMC 2.0 3.9.1 Requirement:
Screen individuals prior to authorizing access to organizational systems containing Federal Contract Information.
NIST SP 800-171 & CMMC 2.0 3.9.1 Requirement Explanation:
Personnel security screening (vetting) involves the evaluation of an individual\’s trustworthiness prior to authorizing access to systems containing CUI.
Example NIST SP 800-171 & CMMC 2.0 3.9.1 Implementation:
Perform federal background checks on individuals before granting them access to systems that contain CUI. If you conduct federal background checks on all employees before hiring them then you are meeting this requirement.
NIST SP 800-171 & CMMC 2.0 3.9.1 Scenario(s):
- Scenario 1:
Your company wins a DoD contract where it will handle “Controlled Unclassified Information” (CUI). You instruct Human Resources to perform a federal background check on all individuals who will work on the contract.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.