Controlled Unclassified Information (CUI)

CUI Registry: Decontrol

Search the Registry 


CUI General Decontrol Principles


  • Agencies should decontrol as soon as practicable any CUI designated by their agency that no longer requires safeguarding or dissemination controls, unless doing so conflicts with the governing law, regulation, or Government-wide policy.
  • Decontrolling CUI relieves authorized holders from requirements to handle the information under the CUI program, but does not constitute authorization for public release.
  • Reference 32 CFR 2002.18 for full discussion of CUI decontrol guidelines.