Your Cart is Empty
Menu
-
- View NIST RMF Control Families
- Access Control (AC)
- Awareness and Training (AT)
- Audit and Accountability (AU)
- Assessment, Authorization and Monitoring (CA)
- Configuration Management (CM)
- Contingency Planning (CP)
- Identification and Authentication (IA)
- Incident Response (IR)
- Maintenance (MA)
- Media Protection (MP)
- Physical and Environment Protection (PE)
- Planning (PL)
- Program Management (PM)
- Personnel Security (PS)
- PII Processing and Transparency (PT)
- Risk Assessment (RA)
- System and Services Acquisition (SA)
- System and Communications Protection (SC)
- System and Information Integrity (SI)
- Supply Chain Risk Management (SR)
- View All
- View Compliance Toolkits
- Enterprise
- About ASP
- FAQ
-
- ← Main Site
- Company
- Resources
- Blog
- Submit RFP
- Login
View NIST RMF Control Families
Add description, images, menus and links to your mega menu
A column with no settings can be used as a spacer
Link to your collections, sales and even external links
Add up to five columns
Add description, images, menus and links to your mega menu
A column with no settings can be used as a spacer
Link to your collections, sales and even external links
Add up to five columns
What actual policies govern Controlled Unclassified Information (CUI)? | DCSA | DoD
September 27, 2023 1 min read
What actual policies govern Controlled Unclassified Information (CUI)?
Currently, the following four (4) main policies govern CUI:
- Executive Order 13556 “Controlled Unclassified Information” (https://obamawhitehouse.archives.gov/the-press-office/2010/11/04/executive-order-13556-controlled-unclassified-information) assigns policy responsibilities, and prescribes procedures for CUI throughout the DoD.
- 32 CFR Part 2002 “Controlled Unclassified Information” Part 2002 (https://www.govinfo.gov/content/pkg/CFR-2018-title32-vol6/pdf/CFR-2018-title32-vol6-part2002.pdf) establishes the CUI Program throughout the Federal Government and describes the roles, responsibilities, along with other essential provisions of the CUI program.
- DoDI Instruction 5200.48 “Controlled Unclassified Information” (https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/520048p.PDF) This order effectively establishes a uniform program for managing information that requires safeguarding or dissemination controls throughout the Federal Government.
- NIST Special Publication 800-171 Rev. 2 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r2.pdf) This publication identifies the baseline for CUI system security requirements as “The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its essential missions and functions.”
Need to Implement a DoD CUI Program? Talk to Arlington
DoD contractors - and other contractors providing services to federal agencies - need to have in place established policies, procedures, and processes regarding CUI that’s resident within their information systems. What federal contractors need is a CUI Program. Arlington can help, as we offer the following CUI services and solutions:
- CUI Scoping & Gap Assessments
- CUI Policy Development
- CUI Identification
- CUI Contractual Language Review
- CUI Marking (Digital)
- CUI Marking (Physical)