What is
NIST 800-171?

NIST 800-171 is a standrds that represent a set of security controls and guidelines that are designed to protect sensitive Controlled Unclassified Information (CUI) that is processed, stored, or transmitted by Departent of Defense subcontractors. Under DFARS 252.204-7020 DoD subcontractors are required to aleast perform a basic self assesment of their organization in reference to all controls in NIST 800-171.

Gap Analysis Service

Encompass Consultants offers gap analysis services to help your organization meet the basic assessment criteria outlined in DFARS 252.204-7020 and prepare for future compliance initiatives under NIST 800-171/CMMC guidelines. Our NIST 800-171 consulting services will enable your organization to confidently accept contracts and continue to grow and succeed.

Service Outputs

Gap Analysis Report

The Gap Analysis Report is a comprehensive report that outlines your organization's current security posture in relation to the required controls outlined in the NIST 800-171 framework.

Documentation Package

We provide a comprehensive documentation package of policies and procedures which will help your team understand key Information Security principles and remedy many areas quickly.

Plan of Action and Milestones (POA&M)

The Plan of Action and Milestones (POA&M) is a document that outlines an organization's planned actions, resources, and timelines for addressing any identified gaps or weaknesses in meeting the controls in NIST 800-171.

System Security Plan (SSP)

The System Security Plan (SSP) is a comprehensive document that outlines your organization's current implementation of security controls to protect Controlled Unclassified Information (CUI).

SPRS Score

The Supplier Performance Risk System (SPRS) score is a quantitative assessment of you organization's compliance with NIST 800-171. This score is submitted into the PIEE system and used by the Department of Defense (DoD) to evaluate the cybersecurity risk.

Our Methodology

Encompass Consultants has worked for many years to perfect our methodologies in providing the highest quality gap analysis services.

Contact Us
We Deliver Above and Beyond

At Encompass Consultants, we believe in providing a comprehensive range of deliverables to set your organization on a strong path to future success. In addition to all other deliverables, we offer a comprehensive documentation package containing policies and procedures that outline industry-standard practices across all areas of a healthy information security management system (ISMS).

State-of-the-Art Software

Encompass Consultants has developed software for performing NIST 800-171/CMMC gap analysis, which saves time and reduces the potential for errors during the process. Our software streamlines the gap analysis process for your organization.

Years of Well-Established Success

Encompass Consultants has worked with 100s of organizations to achieve compliance with a 100% success rate in accomplishing our clients’ objectives.

A few clients we've worked with


Frequently Asked Questions

How long does the gap analysis take?
What does it cost?
What is the purpose of NIST 800-171?
Who needs to comply with NIST 800-171?
What are the security controls and guidelines outlined in NIST 800-171?
How does NIST 800-171 relate to other cybersecurity guidelines and standards?
Is certification under the CMMC program required to comply with NIST 800-171?

Encompass Consultants

Encompass Consultants, is a father and son owned business. Founded with the intention of helping organization’s navigate the complex world of compliance. We pride ourselves on our personalized approach and our commitment to providing high quality services to each and every one of our clients. Whether you are a small business owner or a large corporation, we have the knowledge and expertise to assist you with all of your compliance needs.

Related Standards

Get on Track Towards Your Compliance Goals

Contact us today for a free quote from a compliance specialist