What is the NCSP® 800-171 Awareness course?

This course introduces NIST SP 800-171 Rev. 3 and the requirements for protecting Controlled Unclassified Information (CUI) in non-federal systems.

Anyone working with CUI, federal contractors, and organisations preparing for compliance assessments.

Is certification included?

Yes. Learners receive the NCSP® 800-171 Awareness Certificate.

NIST Cybersecurity Professional®
NCSP® 800-171 Awareness Certificate

Build Awareness of NIST SP 800‑171: Protecting Controlled Unclassified Information (CUI)

NIST Cybersecurity Professional®

NCSP® 800-171 Awareness Certificate

Course Description

NIST Special Publication 800‑171, Protecting Controlled Unclassified Information in non-Federal Systems and Organizations, defines the security requirements that non-Federal organisations must implement to safeguard CUI. These requirements apply across defence, government contracting, critical infrastructure, and supply‑chain environments.

The NCSP® 800‑171 Awareness Certificate is a half‑day, instructor‑led course providing a concise introduction to the purpose, structure, and strategic value of NIST SP 800‑171. Designed for executives, managers, and stakeholders, this course explains what CUI is, why it matters, and how organisations can meet the security requirements, without requiring technical or assessor‑level expertise.

Participants gain a high‑level understanding of the 800‑171 requirement families, assessment considerations, and how 800‑171 aligns with NIST SP 800‑53, 800‑37 RMF, and broader cybersecurity governance.

What You Will Learn

Participants gain essential awareness‑level knowledge of NIST SP 800‑171. You will learn:

The purpose, scope, and evolution of NIST SP 800‑171.
What Controlled Unclassified Information (CUI) is and why it must be protected.
The structure of the 800‑171 security requirements and requirement families.
How 800‑171 supports compliance, supply‑chain assurance, and risk management.
Organisational roles and responsibilities in protecting CUI.
How 800‑171 aligns with 800‑53, RMF (800‑37), and CSF 2.0.

Course Agenda

Module 1: Introduction to NIST SP 800‑171 & Controlled Unclassified Information (CUI)

A high‑level overview of NIST SP 800‑171, its purpose, and its role in protecting CUI. Introduces the concept of CUI, its categories, and why safeguarding CUI is essential for government contractors and supply‑chain partners.

Module 2: Structure of the 800‑171 Security Requirements

An awareness‑level introduction to the organisation of the 800‑171 requirements, including:
- The 14 security requirement families
- Basic vs. derived security requirements
- Relationship to NIST SP 800‑53 controls
Explains how organisations use these requirements to build a compliant security programme.

Module 3: Roles, Responsibilities & Organisational Governance for CUI Protection

A concise overview of key roles involved in implementing and overseeing 800‑171 requirements, including system owners, security managers, compliance officers, and leadership. Covers governance structures that support accountability, documentation, and continuous monitoring.

Module 4: Applying NIST 800‑171 in Practice - Assessments, Alignment & Use Cases

An introduction to how organisations apply 800‑171 in real‑world environments. Covers alignment with RMF (800‑37), 800‑53 controls, CSF 2.0, and supply‑chain requirements such as CMMC.

Learning Outcomes

Participants will be able to:

Describe the purpose and structure of NIST SP 800‑171.
Explain what CUI is and why it must be protected.
Understand the 14 requirement families at an awareness level.
Recognise key roles and responsibilities in CUI protection.
Identify how 800‑171 aligns with RMF, 800‑53, CSF 2.0, and CMMC.
Communicate the strategic value of CUI protection to stakeholders and teams.

Who Should Attend?

This course is designed for professionals who need a foundational understanding of CUI protection and 800‑171 requirements, including:

Executives & Senior Leaders
Government Contractors & Subcontractors
Business & System Owners
Governance, Risk & Compliance (GRC) Stakeholders
Programme & Project Managers
Security & Privacy Managers
Anyone seeking an introduction to NIST 800‑171

Prerequisites

There are no prerequisites for this Awareness‑level course. No technical background is required.

Participants are provided with:

NIST Cybersecurity Professional® (NCSP®) 800-171 Awareness Certificate courseware including links to further reading and resources.
NIST Cybersecurity Professional® (NCSP®) 800-171 Awareness Certificate, Certificate of Completion.
NIST Cybersecurity Professional® (NCSP®) 800-171 Awareness Certificate digital badge.

Enrol Today

This NCSP 800‑171 Awareness course provides students with a high‑level understanding of CUI protection requirements and the structure of the NIST 800‑171 security controls.