NIST Special Publication 800 NIST SP 800-171r3

The Security Requirements

03.09.01: Personnel Screening

Personnel security screening activities involve the assessment of the conduct, integrity, judgment, loyalty, reliability, and stability of an individual (i.e., the individual’s trustworthiness) prior to authorizing access to the system or when elevating system access…

03.09.02

Security-related system property includes hardware authentication tokens, system administration technical manuals, keys, identification cards, and building passes…

The Security Requirements

NIST SP 800-171r3 (USA) & ITSP.10.171 (Canada)

3.1. Access Control

3.2. Awareness and Training

3.3. Audit and Accountability

3.4. Configuration Management

3.5. Identification and Authentication

3.6. Incident Response

3.7. Maintenance

3.8. Media Protection

3.9. Personnel Security

3.10. Physical Protection

3.11. Risk Assessment

3.12. Security Assessment and Monitoring

3.13. System and Communications Protection

3.14. System and Information Integrity

3.15. Planning

3.16. System and Services Acquisition

3.17. Supply Chain Risk Management

CMMC 3.0 - N/A
CPCSC - N/A