
Wednesday, October 16, 2019

NIST 800-171 Compliance - Monthly Checklist

The list below states who and what. It is partially up to you to determine the final thresholds and timelines. Generally, doing less but more consistently and more thoroughly is better than inconsistent or incomplete work. Do what you can, do it well, and stay the course.

1. IT Team: Review employees with administrative privileges.
2. IT Team: Review access rights for all users with elevated privileges.
3. IT Team: Review access records related to users with elevated rights; ensure actions taken are approved and appropriate.
4. IT Team: Review access records related to employees who were hired within the last 60 days.
5. IT Team: Compare the list of employees terminated during the last 60 days with the list of currently active accounts. Disable any user accounts belonging to terminated employees. Also review the list of all system accounts.
6. IT Team: Review access records related to employees who were terminated within the last 60 days.
7. IT Team: Review overall access records and events for drives containing CUI; ensure logging is functioning as expected and that all user actions on CUI are being tracked and documented.
8. IT Team: Conduct a scan of the local network for unknown devices.
9. IT Team: Ensure necessary updates are completed for all systems that process, store, or transmit CUI.
10. Compliance Officer: Conduct an inventory of hard-copy documents containing CUI and compare it with the previous month's checks to ensure all document copies were destroyed, stored, or delivered appropriately.
11. IT Team: Sample 10% of systems to ensure backup or alternative systems function properly.
12. IT Team: Sample 10% of systems to ensure change management policies are valid, processes are being followed, results of changes are measured, and documentation is complete.
13. Compliance Officer: Review 75 random hours of surveillance footage at high speed to ensure that it is functioning as expected during the appropriate hours.
14. IT Team: Review cryptographic connection requirements in GPO, browser settings, and the firewall to ensure acceptable standards are met on a sample of 10% of systems.
15. IT Team: Check hard drive encryption.
16. Office Manager: Inventory all media containing sensitive or confidential data that is not encrypted; document the reasons for not encrypting it, and determine whether stronger protections are available and applicable for each item.
17. Compliance Officer: Review files stored in shared drives for sensitive or confidential files.
18. Compliance Officer: Physically inspect secure areas to ensure locks and protections are in good working order.
19. Compliance Officer: Review all NDAs, ensure they are current, and update as necessary.
20. IT Team: Attach all auto-generated antivirus report tickets for the previous month to the compliance check ticket.
21. IT Team: Verify Group Policy by checking "gpresult" output on 10% of total workstations. This output should be reported by scripts that run automatically on each workstation; just review the script output and make sure it is accurate, appropriate, and consistent.
22. IT Team: Verify Flash is set to "Click to play" on 10% of total workstations.
23. Compliance Officer: Send an email reminder to employees regarding the job-related maintenance of their required skills and qualifications.
24. Office Manager: Inventory all plain-text media containing sensitive or confidential data, with reasons for using lower standards; determine whether stronger protections are available and applicable for each piece of media.
25. IT Team: Review a sample of 10% of tickets related to servers, the firewall, or network architecture. Ensure a rollback strategy is documented in each ticket and that a second individual is reviewing the effectiveness of the changes implemented.
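Several of the IT Team items above (1-2, 5, 15 and 21) can be pulled into one evidence-gathering script so the monthly review works from generated reports rather than manual clicking. The script below is an added example, not part of the original post; it assumes the ActiveDirectory and BitLocker PowerShell modules are available, that HR delivers a `Terminated.csv` with a `SamAccountName` column (hypothetical file name and layout), and that workstations are identified by an `OperatingSystem` value starting with "Windows 1".

```powershell
# Added monthly-review helper (not from the original post). Assumes the ActiveDirectory
# and BitLocker modules, and an HR-supplied Terminated.csv with a SamAccountName column
# (hypothetical file name and layout). Produces CSV/HTML evidence for the compliance ticket.
param(
    [string]$TerminatedCsv = '.\Terminated.csv',
    [string]$ReportDir     = '.\ComplianceReports',
    [int]$SamplePercent    = 10
)
Import-Module ActiveDirectory
New-Item -ItemType Directory -Path $ReportDir -Force | Out-Null
$stamp = Get-Date -Format 'yyyy-MM'

# Items 1-2: enumerate members of privileged groups, with nested groups expanded.
$privGroups = 'Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators'
$admins = foreach ($g in $privGroups) {
    Get-ADGroupMember -Identity $g -Recursive |
        Where-Object objectClass -eq 'user' |
        Select-Object @{n='Group';e={$g}}, SamAccountName, DistinguishedName
}
$admins | Export-Csv "$ReportDir\$stamp-admins.csv" -NoTypeInformation

# Item 5: terminated employees whose AD accounts are still enabled.
$terminated = Import-Csv $TerminatedCsv | Select-Object -ExpandProperty SamAccountName
$stillEnabled = Get-ADUser -Filter 'Enabled -eq $true' |
    Where-Object { $terminated -contains $_.SamAccountName }
$stillEnabled | Select-Object SamAccountName, DistinguishedName |
    Export-Csv "$ReportDir\$stamp-terminated-still-enabled.csv" -NoTypeInformation
# After the list is reviewed and approved, disable them (drop -WhatIf to act):
# $stillEnabled | Disable-ADAccount -WhatIf

# Items 15 and 21: sample 10% of workstations, record BitLocker status and gpresult.
$workstations = Get-ADComputer -Filter 'OperatingSystem -like "Windows 1*"' |
    Select-Object -ExpandProperty Name
$sampleSize = [math]::Max(1, [math]::Ceiling($workstations.Count * $SamplePercent / 100))
$sample = $workstations | Get-Random -Count $sampleSize
foreach ($ws in $sample) {
    Invoke-Command -ComputerName $ws -ScriptBlock {
        Get-BitLockerVolume | Select-Object MountPoint, VolumeStatus, ProtectionStatus
    } | Export-Csv "$ReportDir\$stamp-bitlocker-$ws.csv" -NoTypeInformation
    # Resultant Set of Policy as HTML, to be compared month over month for drift.
    gpresult /S $ws /H "$ReportDir\$stamp-gpresult-$ws.html" /F
}
```

Attach the generated files to the monthly compliance ticket; the terminated-still-enabled report should normally be empty, and any non-empty result is a finding to act on.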
