Controlled Unclassified Information (CUI)

CUI Category: Physical Security - Homeland

Category Description:

Assessments or reports illustrating or disclosing facility infrastructure or security vulnerabilities related to the protection of federal buildings, grounds, or property, such as threat assessments, system security plans, contingency plans, risk management plans, business impact analysis studies, and certification and accreditation documentation. 

Category Marking: CUI
Marking, Protection, and Dissemination​: This information must be (1) Marked as CUI using the CUI Control Marking (i.e., CUI) in accordance with marking guidance found on the CUI Registry; (2) Protected in accordance with 32 CFR Part 2002, “Controlled Unclassified Information”; and (3) Disseminated in accordance with any limited dissemination control markings applied to the information.  The CUI Registry lists all limited dissemination control markings that can be applied to CUI. 
Snippet

Notes for Safeguarding, Dissemination and Sanction Authorities:

  • Whether CUI is Basic or Specified is determined by the applicable Safeguarding and/or Dissemination Authority for that CUI.
  • Each "Safeguarding and/or Dissemination Authority" citation links to the statute, regulation or government-wide policy authorizing the control of that information as CUI.
  • Each "Sanctions" authority links to the statute, regulation or government-wide policy that includes penalties for CUI misuse of CUI for the associated "Safeguarding and/or Dissemination Authority" on the same line.
Safeguarding and/or Dissemination Authority Basic or
Specified
Sanctions
Provisional Approval 2018-09-07 Basic  

 

Snippet

Authority links are updated based on regular re-publication of the United States Code and Code of Federal Regulations, and the CUI Registry maintenance schedule.

 

Top