ISOO has developed seven new training modules. These videos offer the most up-to-date information about the CUI Program.
- Introduction to Marking CUI (updated August 6, 2018): This video provides an overview of how to mark documents, emails, presentations, systems, and other files that contain CUI. It specifically addresses the designation indicator and the CUI banner marking, including the CUI control marking, CUI category markings, and Limited Dissemination Control Markings. It also discusses portion marking, the use of cover sheets, marking multi-page documents, and decontrolling CUI.
- Marking Commingled Information: This video describes how to mark documents that contain both CNSI and CUI. Specifically, it covers portion and banner markings and how to mark emails and presentations.
- Controlled Environments (updated August 6, 2018): This video presents the viewer with examples of two environments, one that is considered suitable for the storage and handling of CUI and one that is not. It discusses why controlled environments are important and the different approaches agencies can take to creating their own controlled environments.
- Destruction of CUI (updated August 6, 2018): This video discusses the different destruction methods that are appropriate for CUI when it is no longer needed.
- Lawful Government Purpose (updated August 6, 2018): This video addresses the principle of Lawful Government Purpose, or the standard for deciding when to share and when not to share CUI.
- Freedom of Information Act FAQs (updated August 7, 2018): This video addresses some of the most frequently asked questions about CUI and FOIA.
- Freedom of Information Act Panel Discussion (updated August 7, 2018): This video is a discussion of CUI and FOIA expanding on the concepts covered in the July 3, 2014 memo Revised Guidance regarding Controlled Unclassified Information and then Freedom of Information Act.
Agencies (and stakeholders) may wish to use these videos to supplement their CUI Program training. However, it is important to note that ISOO does not track completion of these modules, so if your organization wishes to require viewing of these videos as part of your CUI training program, you must download and run them from organization’s training platform. MP4 versions will be made available for download from the CUI Registry in the coming weeks.
We had great attendance in our webinar yesterday with some great participation in the Q&A period. Thank you to all those who attended. The following topics were covered during the webinar:
A brief overview of the CUI program;
A summary of the upcoming changes to the CUI Registry;
An update on agency implementation efforts;
A review of all existing notices, policies, training and resources currently available from the CUI Registry;
The status and plans for a CUI Federal Acquisition Regulation Rule; and
Time for Questions and Answers.
Please see the slides attached: Feb 15, 2018 Webex
Q&As from the webinar will be posted soon.
The next scheduled webinar will be February 15, 2018 (1-3 EDT). All subscribers to the CUI Blog will receive links and call-in information to access the webinar prior to the event. The webinar will include:
- A brief overview of the CUI program;
- A summary of the upcoming changes to the CUI Registry;
- An update on agency implementation efforts;
- A review of all existing notices, policies, training and resources currently available;
- from the CUI Registry;
- The status and plans for a CUI Federal Acquisition Regulation Rule; and
- Time for Questions and Answers.
Agencies can waive the requirement to re-mark legacy information with the new CUI markings while the CUI is in their control. The CUI Program does not require the agencies to re-mark unless reusing and sharing the information with others outside of their agency. In addition, because the CUI regulation also contains flexibility in handling such things as existing on-line databases with numerous PDF documents, a flash screen may suffice to alert users that a law, Federal regulation, or Government-wide policy requires safeguarding and dissemination controls.
Under the FOUO (For Official Use Only) system (and multiple other protection schemes), agencies are already spending money on protecting the same (or even a greater) range of unclassified information as identified in the CUI Registry. This includes marking, safeguarding measures, and training. The CUI Program’s requirements were based on the baseline for current protection measures purposely. In fact, Executive Order Continue reading “The CUI Program and budget considerations”
Employees that handle CUI in the course of doing agency business are not expected to go directly to and interpret the laws, Federal regulations, and Government-wide policies to determine what unclassified information is controlled, nor will they be responsible for interpreting those authorities and assessing what requirements apply to a given document in their hands or on their systems. They will be going to their agency information management policies, on which they are trained. This is what takes place now and will continue in the future. However, with the advent of the CUI Program and oversight functions, agency policies will be reviewed periodically to ensure they are in line with CUI Program requirements and underlying authorities, and to ensure they are providing sufficient information for employees to carry out both the required protections and permissible sharing.
The full implementation of CUI is unlikely to cause an expansion of the use of Exemption 3 statutes by agencies, and in fact is more likely to produce the opposite effect by prohibiting agencies from marking and controlling information unless a valid law, Federal regulation, or Government-wide policy authorizes it. The CUI Program, for the first time, establishes a clear distinction between a marking purporting to control Continue reading “Will the CUI Program cause an expansion of the use of Exemption 3 of the Freedom of Information Act (FOIA)?”
1. What is the Controlled Unclassified Information (CUI) Program?
The CUI Program is a Government-wide program that standardizes the way the executive branch manages unclassified information that requires safeguarding or dissemination controls required by law, Federal regulation, and Government-wide policy. This Program replaces existing agency programs like For Official Use Only (FOUO), Sensitive But Continue reading “Questions and answers: CUI Program”