The Connection Between CDI, DFARS and Ultimately NIST 800-171
CDI – Covered Defense Information
DFARS vs NIST Visual Representation
To put it simply, you’ve been awarded a contract. Within that contract is information the DoD has considered “sensitive”. This could be anything from schematics or blueprints to something as simple as an address or a name. Whatever the case may be, in order to maintain the contract, your client needs you to comply with the clause
DFARS 252.204-7012 Safeguarding Covered Defense Information.

You can prove that you comply with this clause by providing specific documentation stating you have checked your cyber environment against the standard NIST 800-171.
bottom line:
You’ve got a contract with a client that contains CDI. Your client is requesting compliance with DFARS to show that your organization can handle that CDI. In order to prove compliance, you need specific documentation showing that you’ve done an assessment of your cyber-security against the standard NIST 800-171. Producing this documentation can seem like a lot, but it doesn’t have to be.
Free 14-Day Trial
Acquiring this documentation can be as simple as taking a survey.