CMMCDocs.comHome / Glossary / System and Communications Protection (SC) Family
System and Communications Protection (SC) Family
Also known as: SC family
The SC family covers 16 NIST SP 800-171 requirements governing boundary protection, encryption, network security, and communications.
The System and Communications Protection (SC) family contains 16 NIST SP 800-171 Rev 2 security requirements — making it one of the larger families. It governs how the contractor protects in-scope systems and the communications that flow between them.
Key SC requirements include monitoring and controlling boundary communications (SC.L2-3.13.1), implementing subnetworks for publicly accessible system components (SC.L2-3.13.5), denying network communications by default and allowing by exception (SC.L2-3.13.6), preventing remote devices from simultaneously connecting (SC.L2-3.13.7), implementing FIPS-validated cryptography to protect CUI in transit (SC.L2-3.13.8), employing FIPS-validated cryptography for the confidentiality of CUI (SC.L2-3.13.11), and protecting CUI at rest (SC.L2-3.13.16).
The SC family is typically owned by network and security engineering. SC.L2-3.13.11 (FIPS validation) is one of the most common assessment failure points.
Stop Googling. Start working.
CMMCDocs has all 110 NIST SP 800-171 Rev 2 requirements built in — with the language, the templates, and the evidence vault you need. Spin up a free demo workspace and click around the way an assessor would.
Get my demo account