How is responsible for protecting CUI?

The National Archives and Records Administration (NARA) serves as the Controlled Unclassified Information (CUI) Executive Agent (EA). NARA has the authority and responsibility to manage the CUI Program across the Federal government.

Who is responsible for protecting CUI quizlet?

[Title 32 CFR, Part 2002] The National Archives and Records Administration (NARA), which implements the executive branch-wide CUI Program and oversees federal agency actions to comply with Executive Order 13556.

How do you protect CUI?

Securing CUI

  1. Level 1 suggests performing basic cyber hygiene practices like installing anti-virus software and regularly changing passwords to safeguard Federal Contract Information (FCI).
  2. Level 2 describes an “intermediate level of cyber hygiene” that begins implementing NIST SP 800-171 requirements to secure CUI.

What is goal of destroying CUI?

When destroying CUI, including in electronic form, agencies must do so in a manner making it unreadable, indecipherable, and irrecoverable. If the law, regulation, or government-wide policy specifies a method of destruction, agencies must use the method prescribed.

Who can destroy CUI?

Therefore, all CUI paper MUST be destroyed using a high security shredder that produces a final particle size of 1mmx5mm or less, such as those listed on the NSA/CSS 02-01 EPL for classified paper destruction. All of SEM’s high security shredders meet this mandate.

IT IS INTERESTING:  Quick Answer: What are four Hipaa security rules standards for physical safeguards of electronic health information?

Who protects CUI?

As of the writing of this page, the Department of Defense (DoD) has been the first agency to adopt controls regarding the safeguarding of CUI, which they have enacted through specific regulations that specify how certain federal and nonfederal organizations must control CUI in their environment.

What can control CUI?

CUI is government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies. CUI is not classified information.

Does CUI replace Fouo?

CUI policy provides a uniform marking system across the Federal Government that replaces a variety of agency-specific markings, such as FOUO, LES, SBU, etc.

Does CUI need to be encrypted?

Answer: Yes. CUI must be encrypted in transit.

What is the goal of CUI?

The goal of the new CUI program is to standardize across the federal government how sensitive information is marked, handled and shared, while ensuring the information remains appropriately protected.

How should hard copy CUI destroyed?

Electronic, or “soft”, media refers to any media that is virtual. This includes hard drives, flash or USB drives, DVDs, and any other kind of memory drive. Regardless of the type, the rule of thumb when destroying CUI is to render the information unreadable, indecipherable, and irrecoverable.