The IT Law Wiki

CUI Framework Standards Registry

32,081pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

The CUI Framework Standards Registry (also CUI Registry) is

the official list of, and recognized standards for, CUI markings including "safeguarding," and "dissemination" maintained by the Executive Agent.[1]
[t]he online repository of information and policy regarding how authorized holders of CUI should handle such information. The CUI Registry: (i) identifies all of the categories and subcategories of information that require safeguarding and dissemination controls consistent with law, regulation, and governmentwide policies; (ii) provides descriptions for each category and subcategory; (iii) identifies the basis for safeguarding and dissemination controls; (iv) contains associated markings and applicable safeguarding, disseminating, and decontrolling procedures; and (v) specifies CUI that may be originated only by certain executive agencies and organizations. The CUI Executive Agent is the approval authority for all categories/subcategories of information identified as CUI in the CUI Registry and only those categories/subcategories listed are considered CUI.[2]

References Edit

  1. Designation and Sharing of Controlled Unclassified Information (CUI) §(3)(d).
  2. NIST Special Publication SP 800-171, App. B, at B-2.

Also on Fandom

Random Wiki