laythchebbi/nist-compliance-tool

πŸ›‘οΈ NIST 800-171 Compliance Tool - Simple Setup

Ultra-simple setup using only HTML, CSS, and JavaScript!

πŸ“ File Structure

nist-800-171-tool/
β”œβ”€β”€ index.html          βœ… Main application file
β”œβ”€β”€ styles.css          βœ… All styling
β”œβ”€β”€ data.js            βœ… NIST controls data
└── script.js          βœ… Application logic

🚀 Quick Start (30 seconds!)

Step 1: Download Files

Save these 4 artifacts as files:

  • index.html
  • styles.css
  • data.js
  • script.js

Step 2: Open in Browser

  1. Double-click index.html
  2. That's it! The tool runs immediately in your browser

Step 3: Start Assessing

  • Click on control families to expand them
  • Select compliance status for each control
  • Add evidence and implementation notes
  • Export professional Excel reports

🎯 Features Included:

Complete NIST 800-171 Coverage

  • ✅ All 110 security requirements
  • 📊 14 control families with icons
  • ☁️ Azure-specific implementation guidance
  • 🎨 Professional, responsive design

SPRS Scoring

  • +5 points for compliant controls
  • -15 points for non-compliant controls
  • 0 points for not applicable controls
  • Real-time score calculation (0-110 scale)

Professional Dashboard

  • 📈 Real-time compliance metrics
  • 🎯 Progress tracking per family
  • 📊 Visual progress indicators
  • 🚨 Risk level assessment

Excel Export Options

  1. 📋 Detailed Report - Complete assessment with all evidence
  2. 📊 Dashboard Summary - Executive overview with metrics
  3. ⚠️ Action Items - Prioritized non-compliant controls

Advanced Features

  • 💾 Auto-save - Progress saved automatically to browser
  • ⌨️ Keyboard shortcuts - Ctrl+E (export), Ctrl+D (dashboard)
  • 📱 Mobile responsive - Works on all devices
  • 🎨 Modern UI - Professional look and feel

💡 How to Use:

1. Assess Controls

  • Click family headers to expand control lists
  • For each control, select status:
    • ✅ Compliant - Fully implemented
    • ❌ Non-Compliant - Missing/inadequate
    • ⭕ Not Applicable - Doesn't apply

2. Document Evidence

  • Add implementation details in text areas
  • Include Azure configurations, policies, procedures
  • Reference specific technologies and settings

3. Monitor Progress

  • Dashboard updates in real-time
  • Track progress by control family
  • View overall SPRS score and compliance percentage

4. Export Reports

  • Click export buttons to generate Excel files
  • Professional formatting with charts and summaries
  • Ready for compliance audits and management review

🔧 Customization:

Add Custom Controls

Edit data.js to add new controls:

"3.X.X": {
    description: "Your custom control requirement",
    guidance: "Implementation guidance for your environment"
}

Modify Scoring

Update scoring logic in script.js:

// Find this section and modify point values
if (status === 'compliant') {
    score = 5; // Change this value
} else if (status === 'non-compliant') {
    score = -15; // Change this value
}

Custom Styling

Modify styles.css to change:

  • Colors and themes
  • Layout and spacing
  • Fonts and typography
  • Mobile responsiveness

🌐 Browser Compatibility:

  • ✅ Chrome 80+
  • ✅ Firefox 75+
  • ✅ Safari 13+
  • ✅ Edge 80+

📱 Mobile Support:

  • Fully responsive design
  • Touch-friendly interface
  • Optimized for tablets and phones
  • Works offline once loaded

💾 Data Storage:

  • Assessment data saved to browser localStorage
  • Automatic backup every 30 seconds
  • Data persists between sessions
  • No server or database required

🚀 Deployment Options:

Option 1: Local Use

  • Just open index.html in any browser
  • Perfect for individual assessments
  • No internet required after initial load

Option 2: Web Server

  • Upload all 4 files to any web server
  • Share with team members via URL
  • Works with Apache, Nginx, IIS, etc.

Option 3: Cloud Deployment

  • Deploy to Netlify, Vercel, or GitHub Pages
  • Drag and drop the 4 files
  • Get shareable URL instantly

🔒 Security Notes:

  • All data stored locally in browser
  • No external dependencies except Excel export library
  • Works completely offline
  • HTTPS recommended for production use
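
Because the assessment is kept in browser localStorage, which any script served from the same origin can read and modify, saved state is worth validating before it drives the dashboard or an export. The JavaScript below is an added example, not code from this repository; the record shape, the 'not-applicable' status string, the evidence length cap and the function name are assumptions.

```javascript
// Added example: defensive loading of a saved assessment.
// Assumed record shape (not taken from the repository):
//   { "3.1.1": { status: "compliant", evidence: "..." }, ... }
const ALLOWED_STATUS = new Set(['compliant', 'non-compliant', 'not-applicable']); // last value assumed
const CONTROL_ID = /^3\.(?:[1-9]|1[0-4])\.[1-9]\d?$/; // 14 families: 3.1.x through 3.14.x
const MAX_EVIDENCE_CHARS = 5000; // arbitrary cap chosen for this example

// In the browser, rawJson would come from localStorage.getItem(<the tool's key>).
// A missing key yields null, which is rejected below as "not an object".
function loadAssessment(rawJson) {
  const clean = Object.create(null); // no prototype, so "__proto__" is only ever a plain key
  let parsed;
  try {
    parsed = JSON.parse(rawJson);
  } catch (err) {
    return { clean, rejected: ['<invalid JSON>'] };
  }
  if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {
    return { clean, rejected: ['<not an object>'] };
  }
  const rejected = [];
  for (const [id, entry] of Object.entries(parsed)) {
    const ok =
      CONTROL_ID.test(id) &&
      entry !== null && typeof entry === 'object' &&
      ALLOWED_STATUS.has(entry.status) &&
      (entry.evidence === undefined || typeof entry.evidence === 'string');
    if (!ok) {
      rejected.push(id); // report it instead of silently scoring it
      continue;
    }
    // Copy only the known fields; anything else in the stored entry is dropped.
    clean[id] = {
      status: entry.status,
      evidence: (entry.evidence || '').slice(0, MAX_EVIDENCE_CHARS),
    };
  }
  return { clean, rejected };
}

// Constructed sample: one valid entry, one unknown status, one malformed control ID.
const sample = JSON.stringify({
  '3.1.1': { status: 'compliant', evidence: 'Conditional Access policy enforced' },
  '3.5.3': { status: 'mostly-done' },
  'AC-1': { status: 'compliant' },
});
console.log(loadAssessment(sample));
```

Entries that fail validation are returned in `rejected` so the UI can surface them to the assessor before a report is exported.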

📊 Report Examples:

Executive Summary Sheet:

  • Overall SPRS score and compliance percentage
  • Risk assessment breakdown
  • Control family performance
  • Recommendations and next steps

Detailed Assessment Sheet:

  • Complete control-by-control analysis
  • Implementation evidence for each control
  • Azure-specific guidance and recommendations
  • Status and scoring for all 110 requirements

Action Items Sheet:

  • Prioritized list of non-compliant controls
  • Risk impact assessment
  • Recommended remediation actions
  • Implementation timelines

🆘 Troubleshooting:

Issue: Excel export not working

  • Ensure internet connection for XLSX library
  • Try different browser if issues persist
  • Check browser console for error messages

Issue: Data not saving

  • Check if localStorage is enabled
  • Clear browser cache and reload
  • Ensure sufficient disk space

Issue: Mobile display problems

  • Try landscape orientation on phones
  • Zoom out if elements appear cut off
  • Use tablet or desktop for best experience

🎯 Pro Tips:

  1. Start with high-risk families like Access Control (AC) and System Protection (SC)
  2. Use the evidence field to document specific Azure configurations and policies
  3. Export regularly to track progress over time
  4. Review action items to prioritize remediation efforts
  5. Share dashboard exports with management for executive briefings

🎉 Your NIST 800-171 compliance tool is ready to use!

No installation, no setup, no dependencies - just open and start assessing! 🚀
