IRS 1075 and NIST | How Do NIST Guidelines Affect IRS 1075 Regulations?

Mar 9, 2022 Lazarus Alliance 0 Comment

The Internal Revenue Service is one of the largest and most essential federal government agencies… which means that there is a lot of opportunity for third-party contractors and managed service providers to offer products to support its mission. It also means that these contractors will be expected to adhere to security standards, specifically those outlined in IRS 1075.

Fortunately, IRS 1075 is aligned with other federal standards, all of which provide a sound security footing and potential to pivot services to other government agencies. Here, we’ll discuss some overlap between IRS 1075 and federal standards, specifically those related to the National Institute of Standards and Technology (NIST).

What is NIST SP 800-171 and What Role Does it Play in Defense Contracting Compliance?

Oct 22, 2021 Lazarus Alliance 0 Comment

The document library of the NIST website can be daunting and seemingly endless in terms of the various frameworks, controls and requirements that it provides. The 800 series, in particular, while important and, in many cases, necessary, is also hard to penetrate if you don’t already have some knowledge of what it contains. This can challenge organizations working with the DoD supply chain, especially those handling classified or sensitive material.

This article will cover one of these publications: NIST 800-171. This document defines security for a specific form of government information that many contractors under the executive or defense departments: CUI. While important, this document also informs several important security frameworks, namely CMMC.

What is NIST Special Publication 800-53 and Why is it Important for FedRAMP Certification?

Jan 15, 2021 Lazarus Alliance 0 Comment

Cloud providers and Managed Service Providers are increasingly looking to expand their potential client base and instill trust with their existing partners. One way they do this is through meeting compliance audits and standards in areas like healthcare and government (like FedRAMP or HIPAA), and the more stringent and comprehensive the better. That’s why many cloud providers look to federal compliance and contract work.

FedRAMP compliance, required for cloud providers in the federal space, isn’t an easy standard to meet. It requires working closely with an authorized security partner and meeting the exacting security IT control standards outlined in NIST Special Publication 800-53.