Executive Order 13556, Controlled Unclassified Information
- Source type
- executive order
- Knowledge graph use
- Use as the executive authority foundation for the CUI Program.
- Topic tags
CUI Policy and Guidance Sources
Supplemental NARA, ISOO, policy, marking, dissemination, safeguarding, assessment, decontrol, waiver, and implementation sources connected to the CUI knowledge graph.
CUI program foundation
program-wide
32 CFR Part 2002, Controlled Unclassified Information
- Source type
- implementing regulation
- Knowledge graph use
- Use as the government-wide implementing regulation for CUI designation, safeguarding, dissemination, marking, decontrol, and disposal.
- Topic tags
CUI notices and Executive Agent guidance
program-wide with selected category-specific examples
Using Alternate Designation Indicators with CUI
- Source type
- cui notice
- Knowledge graph use
- Use to explain when an agency may use alternate designation indicators that do not directly identify the agency.
- Topic tags
- designation indicator, marking, agency identification
Limited Marking Waiver Best Practices to Alert Users of CUI
- Source type
- cui notice
- Knowledge graph use
- Use to explain system banners, access notifications, training, and reporting expectations when a limited marking waiver exists.
- Topic tags
- limited marking waiver, systems, awareness, marking
Using Exigent Circumstances Waivers
- Source type
- cui notice
- Knowledge graph use
- Use to explain emergency or exigent handling exceptions as a program-level waiver topic.
- Topic tags
- exigent circumstances, waiver, safeguarding
Assessing Security Requirements for CUI in Non-Federal Information Systems
- Source type
- cui notice
- Knowledge graph use
- Use to explain that agencies use NIST SP 800-171 for CUI confidentiality in nonfederal systems unless a registry authority prescribes specific safeguarding, and that NIST SP 800-171A is the primary assessment procedure source.
- Topic tags
- nonfederal systems, nist sp 800 171, nist sp 800 171a, assessment, scope
Alternate Marking Methods
- Source type
- cui notice
- Knowledge graph use
- Use to explain alternate marking methods when individual marking is impractical, including the requirement to convey CUI status, Specified categories, limited dissemination controls, and special handling requirements.
- Topic tags
- alternate marking, specified categories, limited dissemination, special handling
CUI Program Implementation Deadlines
- Source type
- cui notice
- Knowledge graph use
- Use for agency implementation timeline context, not for category-specific authority analysis.
- Topic tags
- implementation, agency program
Oversight of the CUI Program within Private Sector Entities
- Source type
- cui notice
- Knowledge graph use
- Use for program oversight discussions involving non-federal or contractor environments.
- Topic tags
- private sector, oversight, contracts
Destroying CUI in Paper Form
- Source type
- cui notice
- Knowledge graph use
- Use to explain program guidance for destroying CUI in paper form.
- Topic tags
- destruction, paper, media sanitization
CUI Coversheet and Media Labels
- Source type
- cui notice
- Knowledge graph use
- Use for coversheet and media labeling context alongside the NARA marking handbook.
- Topic tags
- coversheet, media labels, marking
Decontrolling CUI in response to a FOIA request
- Source type
- joint memo
- Knowledge graph use
- Use for decontrol and FOIA-response scenarios.
- Topic tags
- decontrol, foia
CUI Limited Dissemination Controls
- Source type
- cui notice
- Knowledge graph use
- Use to explain that only CUI Executive Agent-approved limited dissemination controls in the CUI Registry may be applied, and that they may supplement authority-based dissemination controls.
- Topic tags
- limited dissemination, dissemination controls, marking
Establishing, Eliminating, or Modifying Categories of CUI
- Source type
- cui notice
- Knowledge graph use
- Use to explain how an LRGWP-driven information type is submitted to the CUI Executive Agent and how registry updates identify category name, description, markings, and safeguarding measures exceeding CUI Basic.
- Topic tags
- category governance, registry changes, authority review, safeguarding measures
Implementation Guidance when CUI is commingled with CNSI
- Source type
- cui notice
- Knowledge graph use
- Use to explain marking and identification requirements when CUI is present inside classified national security information products.
- Topic tags
- commingled cui cnsi, classified documents, specified categories, limited dissemination, special handling
Guidance for Drafting Agreements with Non-Executive Branch Entities involving CUI
- Source type
- cui notice
- Knowledge graph use
- Use for agreements and contractual incorporation discussions outside direct federal agency handling.
- Topic tags
- agreements, non executive branch, contracts
Implementation Recommendations for the CUI Program
- Source type
- cui notice
- Knowledge graph use
- Use for agency CUI program implementation context.
- Topic tags
- implementation, agency program, program management
Marking Controlled Unclassified Information Rev. 1.1
- Source type
- marking handbook
- Knowledge graph use
- Use for NARA/ISOO marking patterns and examples, while preserving category authority and DoD marking-guide differences.
- Topic tags
- marking, banner marking, portion marking, designation indicator, limited dissemination, coversheet
Revised Guidance regarding CUI and the Freedom of Information Act
- Source type
- joint memo
- Knowledge graph use
- Use for CUI/FOIA relationship discussions.
- Topic tags
- foia, decontrol, disclosure
NIST publications incorporated or referenced for CUI safeguarding
program-wide safeguarding references
FIPS 199, Standards for Security Categorization of Federal Information and Information Systems
- Source type
- nist publication
- Knowledge graph use
- Use for security categorization lineage.
- Topic tags
FIPS 200, Minimum Security Requirements for Federal Information and Information Systems
- Source type
- nist publication
- Knowledge graph use
- Use for minimum security requirements lineage.
- Topic tags
NIST SP 800-53 Revision 5, Security and Privacy Controls for Information Systems and Organizations
- Source type
- nist publication
- Knowledge graph use
- Use for control catalog lineage and relationships to CUI safeguarding requirements.
- Topic tags
NIST SP 800-88 Revision 2, Guidelines for Media Sanitization
- Source type
- nist publication
- Knowledge graph use
- Use for media sanitization and destruction relationships.
- Topic tags
NIST SP 800-171 Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
- Source type
- nist publication
- Knowledge graph use
- Use for current operational CUI safeguarding analysis; preserve exam-current Rev. 2 treatment separately where needed.
- Topic tags