Home » Controlled Unclassified Information [CUI]

Picture of Security Standards

Controlled Unclassified Information [CUI] Compliance

[CUI] Compliance is no Longer a Suggestion

Controlled Unclassified Information or CUI has become more than a suggestion for Federal Contractors.  CUI compliance is mandated for all Federal contractors, as well as non-profits and subcontractors that receive federal funding.  These mandadory Corporate and Orgainizational requirements are CUI, DFARS or NIST SP 8000-171, Revision 1.

At Duffy Consulting Services, we are deep into the CUI compliance Assessment services our business provides.  We see this increasing as large prime contractors and their subcontractors are inquiring about compliance and indicating that contracts can be removed or eliminated unless compliance is demonstrated.  As emphasis on cyber security increases, we are encountering a larger number of small business sub contractors asking what they can do to ensure compliance.

The fact is that a contractor’s ability to demonstrate compliance when questions are asked about how your organization is protecting CUI will determine your abiity to accept or maintain contracts with the Federal Government, whether as a prime or subcontractor.

What are the Requirements & Can My Orgainization Comply?

The CUI requirements apply to all components of the federal and non-federal information systems and orgainizations that posess, store or transmit CUI.  If your organization provides protection or security for these areas, the requirement also applies.

GSA published the IT 70 Schdule Mass Modification to help clarify and specify individual security controls for CUI Compliance.  This is where specific requirements are clarified for security controls stated in NIST SP 800-171.

Security Consulting Services from DuffyConsulting.us now perform CUI Compliance Assessments and Consultation.  Any prime contractors or subcontractors that utilizes CUI information will need to meet this mandate to continue working with government entities.  Prime contractors will appreciate Duffy Consulting Services (DCS) enterprise management application that will ensure compliance among their subcontractors and supply chain.

Call us today at 301-345-0345 to book your CUI compliance assessment to ensure your compliance before an audits.  A Free 15-minute consultation will help you understand exactly what is needed to avoid problems with noncompliance with these new regulations.  A few minutes now may ensure your ability to continue as a Federal contractor (prime or sub).


Duffy Consulting Services

Cyber Security Consulting and Analyst Services

Consulting Services

Discovery | Assessments | Compliance Services

  • Controlled Unclassified Information [CUI]
  • Security Control Analysis and Management