CUI Registry
***** REMINDER FROM THE EXECUTIVE AGENT *****
Existing practices for sensitive unclassified information remain in effect until the CUI marking implementation deadline (TBD).
General Guidelines
Marking: CUI markings will be developed and scheduled for implementation following Executive Agent review of agency initial compliance plans and publication of additional guidance.
Safeguarding: For each CUI category and subcategory, federal agencies shall comply with information security requirements defined by the National Institute of Standards and Technology (NIST). Federal agencies shall consult the following NIST publications for guidance on implementing specific measures to safeguard CUI:
- Federal Information Processing Standards Publication 199, Standards for Security Categorization of Federal Information and Information Systems
- Federal Information Processing Standards Publication 200, Minimum Security Requirements for Federal Information and Information Systems
- Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations
- Special Publication 800-60, Revision 1, Guide for Mapping Types of Information and Information Systems to Security Categories
Dissemination: CUI shall be disseminated only to individuals who require the information for an authorized mission purpose.
Decontrol: Information shall be decontrolled as soon as possible when it no longer requires safeguarding measures and dissemination controls pursuant to its associated authorities. CUI that has been publicly released via authorized agency procedures shall be considered decontrolled.
CUI Categories
Select Category to view associated Subcategories and Markings.
| Category | Description |
|---|---|
| Agriculture | Information related to the agricultural operation, farming or conservation practices, or the actual land of an agricultural producer or landowner. |
| Copyright | Copyright is a form of protection provided by the laws of the United States (17 USC) to the authors of "original works of authorship," including literary, dramatic, musical, artistic and certain other intellectual works. This protection is available to both published and unpublished works. |
| Critical Infrastructure | Systems and assets, whether physical or virtual, so vital that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters, across any Federal, State, regional, territorial, or local jurisdiction. |
| Emergency Management | Related to information concerning the continuity of executive branch operations during all-hazards emergencies or other situations that may disrupt normal operations. |
| Export Control | Unclassified information concerning certain items, commodities, technology, software, or other information whose export could reasonably be expected to adversely affect the United States national security and nonproliferation objectives. To include dual use items; items identified in export administration regulations, international traffic in arms regulations and the munitions list; license applications; and sensitive nuclear technology information. |
| Financial | Related to the duties, transactions, or otherwise falling under the purview of financial institutions or United States Government fiscal functions. |
| Foreign Government Information | Information provided by, otherwise made available by, or produced in cooperation with, a foreign government or international organization. |
| Geodetic Product Information | Related to imagery, imagery intelligence, or geospatial information. |
| Immigration | Related to admission of non-US citizens into the United States and applications for temporary and permanent residency. |
| Information Systems Vulnerability Information | Related to information that if not protected, could result in adverse effects to information systems. Information system means a discreet set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information. |
| Intelligence | Related to intelligence activities, sources, or methods. |
| Law Enforcement | Related to techniques and procedures for law enforcement operations, investigations, prosecutions, or enforcement actions. |
| Legal | Information related to proceedings in judicial or quasi-judicial settings. |
| North Atlantic Treaty Organization (NATO) | Related to information generated by North Atlantic Treaty Organization (NATO) member countries under the North Atlantic Treaty international agreement, signed on April 4, 1949. |
| Nuclear | Related to protection of information concerning nuclear reactors, materials, or security. |
| Patent | Patent is a property right granted by the Government of the United States of America to an inventor "to exclude others from making, using, offering for sale, or selling the invention throughout the United States or importing the invention into the United States" for a limited time in exchange for public disclosure of the invention when the patent is granted. |
| Privacy | Refers to personal information, or, in some cases, "personally identifiable information," as defined in OMB M-07-16, or "means of identification" as defined in 18 USC 1028(d)(7). |
| Proprietary | Material and information relating to, or associated with, a company's products, business, or activities, including but not limited to financial information; data or statements; trade secrets; product research and development; existing and future product designs and performance specifications. |
| SAFETY Act Information | Defined as “SAFETY Act Confidential Information” in 6 CFR Part 25, the regulations implementing the Support Anti-terrorism by Fostering Effective Technologies Act of 2002, SAFETY Act Information includes any and all information and data voluntarily submitted to the Department of Homeland Security under this part (including Applications, Pre-Applications, other forms, supporting documents and other materials relating to any of the foregoing, and responses to requests for additional information), including, but not limited to, inventions, devices, Technology, know-how, designs, copyrighted information, trade secrets, confidential business information, analyses, test and evaluation results, manuals, videotapes, contracts, letters, facsimile transmissions, electronic mail and other correspondence, financial information and projections, actuarial calculations, liability estimates, insurance quotations, and business and marketing plans. |
| Statistical | Refers to information collected by a Federal statistical agency, unit, or program for statistical purposes or used for statistical activities; under law, regulation, or Government-wide policy such 'Statistical' CUI requires: (1) protection from unauthorized disclosure; (2) special handling safeguards; and/or (3) prescribed limits on access or dissemination. |
| Tax | Related to a compulsory contribution to government revenue involving information regarding returns or taxpayers. |
| Transportation | Related to any mode of travel or conveyance by air, land, or waterway. |
Subcategories and Markings
Select Column Heading to sort.
Select Category-Subcategory to view associated Authorities and Sanctions.
PDF files require the free Adobe Reader.
More information on Adobe Acrobat PDF files is available on our Accessibility page.
Blogs
Facebook
Flickr
RSS Feeds
Twitter
YouTube
