Skip to Main Content

NIST 800-171 and CIS Critical Security Controls Gap Analysis

This is a questionnaire based on the CIS Critical Security Controls and mapped to the NIST 800-171 standard. It helps you identify what security controls you are lacking to be in compliance with both the NIST 800-171 standard and the CIS Critical Controls. After you have completed and returned the questionnaire, we will generate a report with the steps necessary to become compliant with the security controls in both the CIS Critical Controls and in NIST 800-171.

NIST 800-171 was chosen by the U.S. Department of Education as the control set of choice to be in compliance with the security requirements of GLBA. See the Department's Dear Colleague letter.

The CIS Critical Controls was chosen as the control set of choice by the state of California in the 2016 Data Breach report.

Please fill out the form below so we can provide you with the self-assessment.