CPGF NIST 800-171 Rev 3 - Foundational (Level 1-2)

Overview

This is the Level 1-2 tier of the NIST 800-171 Rev 3 Policy Package. It delivers the shorter, foundational policy structure at RPMM Levels 1-2 (Foundational) including essential policy language, basic roles and responsibilities, core procedural statements.

What Is Inside

The package covers all 17 families in Rev 3 covering access control, awareness and training, audit and accountability, configuration management, identification and authentication, incident response, maintenance, media protection, personnel security, physical protection, risk assessment, security assessment, system and communications protection, system and information integrity, planning, supply chain risk management, and program management.

Who Buys This Package

NIST 800-171 Rev 3 is designed for non-federal organizations storing, processing, or transmitting Controlled Unclassified Information.

CPGF Governance Built In

Every policy passes the 72-check CPGF audit engine before delivery: structural checks, control coverage, cross-reference integrity, framework mapping accuracy, metadata completeness, and RPMM tier compliance.

Format and Delivery

All documents delivered as fully editable Microsoft Word (.docx) files with framework version stamped in the header. You customize organization name, systems, and environment-specific details. Delivered within minutes via secure email after checkout and e-signature acceptance.

Framework Alignment

Required for DFARS 252.204-7012 compliance and feeds directly into CMMC Level 2.