The NIST SP 800-171 / DFARS 252.204-7012 controls don't say how frequently to run an assessment, but we'd recommend at a minimum twice a year or every quarter. DFARS Compliance 3.5.3: Identification and Authentication NIST also provides guidance documents and recommendations through its Special Publications (SP) 800-series. NIST guidelines often become the foundation for best practice recommendations across the security industry and are incorporated into other standards.
Apr 18, 2017 · The December 31, 2017 deadline for compliance is looming. Being prepared to meet these standards could be the difference in winning the program, receiving the grant, getting paid, or not. Worse, by not meeting requirements organizations can face litigation and fines costing a fortune. Implementing NIST SP 800-171