NIST SP 800-171 & CMMC 2.0 3.9.1 Requirement:

Screen individuals prior to authorizing access to organizational systems containing Federal Contract Information.

NIST SP 800-171 & CMMC 2.0 3.9.1 Requirement Explanation:

Personnel security screening (vetting) involves the evaluation of an individual\’s trustworthiness prior to authorizing access to systems containing CUI.

Example NIST SP 800-171 & CMMC 2.0 3.9.1 Implementation:

Perform federal background checks on individuals before granting them access to systems that contain CUI. If you conduct federal background checks on all employees before hiring them then you are meeting this requirement.

NIST SP 800-171 & CMMC 2.0 3.9.1 Scenario(s):

- Scenario 1:

Your company wins a DoD contract where it will handle “Controlled Unclassified Information” (CUI). You instruct Human Resources to perform a federal background check on all individuals who will work on the contract.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.