CUI Policy and Guidance
Policy and Guidance
The Controlled Unclassified Information Executive Agent (CUI EA) issues guidance to Executive branch departments and agencies that handle unclassified information that requires safeguarding or dissemination controls, pursuant to and consistent with applicable law, regulations, and government-wide policies.
|11/04/2010||Executive Order 13556 "Controlled Unclassified Information"|
|09/14/2016||32 CFR Part 2002 "Controlled Unclassified Information"|
The following National Institute of Standards and Technology (NIST) publications have been incorporated by reference into the CUI Implementing Directive, 32 CFR Part 2002, and should be consulted for guidance on implementing specific measures to safeguard CUI:
- Federal Information Processing Standards Publication 199, Standards for Security Categorization of Federal Information and Information Systems
- Federal Information Processing Standards Publication 200, Minimum Security Requirements for Federal Information and Information Systems
- NIST Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations
- NIST Special Publication 800-88, Revision 1, Guidelines for Media Sanitization
- NIST Special Publication 800-171, Revision 1, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
The CUI EA established the CUI Advisory Council to carry out consultative functions directed by Executive Order 13556.
The CUI EA has developed recommendations to assist departments and agencies in development of their CUI programs and submission of information to the EA.