CMMCDocs.comHome / Glossary / Interim Safeguards
Interim Safeguards
Also known as: Compensating controls
Temporary controls put in place to mitigate the risk of an unmet NIST SP 800-171 requirement while the contractor works to fully implement it.
Interim safeguards — sometimes called compensating controls — are temporary measures put in place to mitigate the risk of an unmet or partially-met NIST SP 800-171 requirement while the contractor works to fully implement it. They are typically documented as part of a POA&M item.
For example, if a contractor has not yet deployed full application allowlisting, they might implement an interim safeguard of weekly software inventory reviews and an explicit policy requiring user approval before installing new software.
A C3PAO will look for documented interim safeguards on every open POA&M item.
Stop Googling. Start working.
CMMCDocs has all 110 NIST SP 800-171 Rev 2 requirements built in — with the language, the templates, and the evidence vault you need. Spin up a free demo workspace and click around the way an assessor would.
Get my demo account