DFARs 252.204-7012 & NIST 800-171 Foundations Course
This ABCI online self-study foundations course for NIST Special Publication 800-171 and the Defense Federal Acquisition Regulation supplement (DFARs) Clause 252.204-7012 for safeguarding and reporting Covered Defense Information (CDI).
Controlled Unclassified Information (CUI) is any information that law, regulation, or governmentwide policy requires to have safeguarding or disseminating controls.
- CUI supports federal missions and business functions that affect the economic and national security interests of the United States.
- colleges, universities,
- state, local and tribal governments,
- federal contractors and subcontractors often process, store, or transmit CUI.
NIST Special Publication 800-171 defines the security requirements for protecting CUI in non-federal information systems and organizations.
- Requirements are organized into fourteen families.
- Each family contains the requirements related to the general security topic of the family.
- In addition the Contractor shall include the clause in subcontracts for which performance will involve Covered Defense Information (CDI) or Operationally Critical Support (OCS).
- CDI is used to describe information that requires protection under DFARs Clause 252.204-7012.
- It is defined as unclassified Controlled Technical Information (CTI) or other information as described in the CUI Registry.
(http://www.archives.gov/cui/registry/category-list.html)
- CTI & CUI requires safeguarding/dissemination controls AND IS EITHER marked or otherwise identified in the contract and provided to the contractor by DoD in support of performance of the contract;
- OR the CDI is collected, developed, received, transmitted, used or stored by the contractor in performance of contract.
QMSCAPA™ stands for Quality Management System, Corrective Actions and Preventive Actions. QMSCAPA™ is a Microsoft Windows compatible computer application, which is designed to generate a CAPA log for a Quality Management System based upon the ISO Standards. 
ISO Awareness, Foundations & Internal Auditor Training