I built this because it was challenging to find resources for NIST 800-171 Revision 3 and CMMC compliance.
By going through the 800-171 controls, you can generate a markdown file with all statuses and notes for each security control. Withdrawn controls are filtered out from the revision 2 -> revision 3 migration.
- Stores data client-side using IndexedDB, ensuring no privacy concerns
- Generates a markdown file for compliance (Good for System Security Plan!)
- Allows for exporting and importing the database for archived storage
- Go to nist-sp-800-171
- Start working through security controls for a family
- Choose whether it has been implemented or not, and any notes
- Click the upper right menu
- Click
Generate Reportto download a markdown document
- 🟢 A family, requirement, or security requirement is implemented.
- 🔴 A family, requirement, or security requirement is not implemented.
- ⚫ A family, requirement, or security requirement is not applicable.
- ⚪ A family, requirement, or security requirement has not been started (default).
- 🟡 A family or requirement is partially implemented (some security requirements are implemented and not implemented)
- 🚧 A family or requirement has remaining work.
All data is stored locally on your device using IndexedDB. There are no privacy concerns, as no data is sent to any server.
- NIST 800-171 Revision 3 Final.
- JSON used for the application from csrc.nist.gov.
- CMMC COA is a great resource as well for CMMC.
This project is licensed under the MIT License. I have no affiliation with NIST.
Made the app in a couple days... don't expect the best code.