Editor’s Note: See also, Cost-Effectiveness: The Prerequisite for Cybersecurity Regulation.
NIST is publishing Special Publication (SP) 800-171A, Assessing Security Requirements for Controlled Unclassified Information (CUI). It is intended to help organizations develop assessment plans and conduct efficient, effective, and cost-effective assessments of the CUI security requirements defined in SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.
Please submit questions to email@example.com.
Publication details: https://csrc.nist.gov/publications/detail/sp/800-171a/final