CUI Policy and Guidance
Policy and Guidance
The Controlled Unclassified Information Executive Agent (CUI EA) issues guidance to Executive branch departments and agencies that handle unclassified information that requires safeguarding or dissemination controls, pursuant to and consistent with applicable law, regulations, and government-wide policies.
CUI Executive Order
| Date | Title |
| 11/04/2010 | Executive Order 13556 "Controlled Unclassified Information" |
CUI Implementing Regulation
| Date | Title |
| 09/14/2016 | 32 CFR Part 2002 "Controlled Unclassified Information" |
Agency Reporting
| Date | Number | Title |
| 09/09/2022 |
FY 2022 CUI Data Collection Tasker
|
CUI Notices and Executive Agent Guidance
| Date | Number | Title |
| 09/07/2022 | CUI Notice 2022-01 | Executive Agent Guidance Regarding White House National Security Council (NSC) Memorandum, “Initiating a Process to Review Information Management and Classification Policies,” June 2, 2022. |
| 10/05/2020 | CUI Notice 2020-07 | Using Alternate Designation Indicators (ADI) with CUI |
| 10/05/2020 | CUI Notice 2020-06 | Limited Marking Waiver Best Practices to Alert Users of CUI |
| 08/25/2020 | CUI Notice 2020-05 | Using Exigent Circumstances Waivers |
| 06/16/2020 | CUI Notice 2020-04 | Assessing Security Requirements for CUI in Non-Federal Information Systems |
| 06/03/2020 |
CUI Notice 2020-03 CUI Notice 2020-03a |
|
| 06/03/2020 | CUI Notice 2020-02 | Alternate Marking Methods |
| 05/14/2020 | CUI Notice 2020-01 | CUI Program Implementation Deadlines (supersedes CUI Notice -2018-03 dated March 13, 2018, and CUI Notice 2016-01 dated September 14, 2016) |
| 03/30/2020 | CUI Memo 2020-03-30 | Applying an Exigent Circumstances Waiver to CUI Safeguarding Requirements while Teleworking in Response to the COVID-19 Pandemic |
| 09/06/2019 | CUI Notice 2019-04 | Oversight of the CUI Program within Private Sector Entities |
| 07/15/2019 | CUI Notice 2019-03 | Destroying CUI in Paper Form (supersedes CUI Notice 2017-02 dated August 17, 2017) |
| 05/13/2019 |
CUI Notice 2019-02 CUI Notice 2019-02a |
|
| 02/22/2019 | CUI Notice 2019-01 | CUI Coversheet and Media Labels |
| 11/19/2018 | CUI Joint Memo 2018-11-19 | Decontrolling CUI in response to a FOIA request |
| 11/16/2018 | CUI Notice 2018-07 | CUI Limited Dissemination Controls |
| 11/16/2018 | CUI Notice 2018-06 | Establishing, Eliminating or Modifying Categories of CUI |
| 11/16/2018 | CUI Notice 2018-04 | Provisional Categories (supersedes CUI Office Notice 2013-01 dated May 22, 2013) |
| 10/24/2018 | CUI Notice 2018-05 | Implementation Guidance when CUI is commingled with CNSI |
| 10/16/2018 | CUI Memo 2018-10-16 | CUI Senior Agency Official/Program Manager Change Form |
| 08/06/2018 | CUI Memo 2018-08-06 | CUI FY2018 Annual Reporting Memo, Form and Instructions |
| 03/13/2018 | CUI Notice 2018-03 | Implementation and Compliance Reporting and Delays (superseded by CUI Notice 2020-01 on May 14, 2020) |
| 01/24/2018 | CUI Notice 2018-02 | Recommendations for CUI Basic Training |
| 01/24/2018 | CUI Notice 2018-01 | Guidance for Drafting Agreements with Non-Executive Branch Entities involving CUI |
| 08/17/2017 | CUI Memo 2017-08-17 | CUI FY17 Annual Reporting Memo, Form and Instructions |
| 08/17/2017 | CUI Notice 2017-02 | CUI and Multi-Step Destruction Process (superseded by CUI Notice 2019-03 on July 15, 2019) |
| 06/12/2017 | CUI Notice 2017-01 | Implementation Recommendations for the CUI Program |
| 04/07/2017 | CUI Memo 2017-08-17 | CUI Implementation Initial Status Report |
| 12/06/2016 | CUI Handbook 2016-12-06 | Marking CUI Rev 1.1 (Marking Handbook) |
| 09/16/2016 | Marking Controlled Unclassified Information (Marking Handbook) | |
| 09/14/2016 | CUI Notice 2016-01 | Implementation Guidance for the CUI Program (superseded by CUI Notice 2020-01 on May 14, 2020) |
| 07/03/2014 | CUI Joint Memo 2014-07-03 | Revised Guidance regarding CUI and the Freedom of Information Act (supersedes joint issuance dated November 22, 2011) |
| 05/22/2013 | CUI Notice 2013-01 | Provisional Approval of Proposed CUI Categories and Subcategories (superseded by CUI Notice 2018-04 on November 16, 2018) |
| 04/11/2013 | CUI Memo 2013-04-11 | Appointments of Senior Agency Official and Program Manager for CUI Program Implementation |
| 07/27/2012 | CUI Memo 2012-07-27 | Review of Proposed Categories for CUI Registry |
| 11/22/2011 | CUI Joint Memo 2011-11-22 | CUI and the Freedom of Information Act (superseded on July 3, 2014) |
| 06/09/2011 | CUI Notice 2011-01 | Controlled Unclassified Information (CUI) Office Notice 2011-01: Initial Implementation Guidance for Executive Order 13556 (superseded on September 14, 2016 by 32 CFR Part 2002 "Controlled Unclassified Information)) |
Office of Management and Budget (OMB) Circular No. A-11
OMB Circular No. A-11 provides guidance on preparing the Budget and instructions on budget execution. Section 31.15 requires that agency budget estimates should reflect consideration of Executive Order 13556, Controlled Unclassified Information (CUI), and the policies issued by the National Archives and Records Administration (NARA), 32 CFR part 2002, "Controlled Unclassified Information," with an effective date of November 14, 2016, and CUI Notice 2016-01, "Implementation Guidance for the Controlled Unclassified Information Program," September 14, 2016.
NIST Publications
The following National Institute of Standards and Technology (NIST) publications have been incorporated by reference into the CUI Implementing Directive, 32 CFR Part 2002, and should be consulted for guidance on implementing specific measures to safeguard CUI:
- Federal Information Processing Standards Publication 199, Standards for Security Categorization of Federal Information and Information Systems
- Federal Information Processing Standards Publication 200, Minimum Security Requirements for Federal Information and Information Systems
- NIST Special Publication 800-53, Revision 5, Security and Privacy Controls for Federal Information Systems and Organizations
- NIST Special Publication 800-88, Revision 1, Guidelines for Media Sanitization
- NIST Special Publication 800-171, Revision 2, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
- NIST Special Publication 800-171A, Assessing Security Requirements for Controlled Unclassified Information
CUI Advisory Council
The CUI EA established the CUI Advisory Council to carry out consultative functions directed by Executive Order 13556.
CUI Registry Committee Charter
Additional Resources
The CUI EA has developed recommendations to assist departments and agencies in development of their CUI programs and submission of information to the EA.