Controlled Unclassified Information
Controlled Unclassified Information (CUI) refers to unclassified information that is to be protected from public disclosure. The CUI designation replaces "sensitive but unclassified" and other similar control markings. A CUI Office has been established at the National Archives to develop guidance for implementing and enforcing the new CUI policy.
Official CUI Policy Documents
- Assessing Security Requirements for Controlled Unclassified Information, NIST Special Publication 800-171A, June 2018
- CUI Implementation and Recommendations, ISOO Overview, October 2017
- CUI Notice 2016-01: Implementation Guidance for the Controlled Unclassified Information Program, Information Security Oversight Office, September 14, 2016
- Marking Controlled Unclassified Information, September 2016
- Controlled Unclassified Information: Final Rule, ISOO, Federal Register, September 14, 2016
- Controlled Unclassified Information: Proposed Rule for Public Comment, ISOO, Federal Register, May 8, 2015
- Guidance regarding Controlled Unclassified Information and the Freedom of Information Act, memo to agencies from DoJ and CUI Office, November 22, 2011
- Initial Implementation Guidance for Executive Order 13556, Controlled Unclassified Information (CUI) Office Notice 2011-01, June 9, 2011 (Transmittal Memo from CUI Office)
- Controlled Unclassified Information, Executive Order 13556, November 4, 2010
- Report and Recommendations of the Presidential Task Force on Controlled Unclassified Information, August 25, 2009
- Presidential Memorandum on Classified Information and Controlled Unclassified Information, May 27, 2009
- CUI Timeline: Framework Implementation Overview (pdf), CUI Office, May 2009
- Controlled Unclassified Information (CUI) Update Meeting (pdf), briefing slides by William J. Bosanko, Director, CUI Office, April 17, 2009
- Clarification of Current DoD Policy on Controlled Unclassified Information (CUI) (pdf), Office of the Under Secretary of Defense, April 7, 2009
- Establishment of the Controlled Unclassified Information Office, memorandum to executive departments and agencies from Allen Weinstein, Archivist of the United States, May 21, 2008
- Background on the Controlled Unclassified Information Framework (pdf), to accompany the Presidential Memorandum, released May 9, 2008
- Designation and Sharing of Controlled Unclassified Information (CUI), Memorandum from the President, May 7, 2008
News, Commentary and Criticism
- A New Policy on Controlled Unclassified Info, Secrecy News, November 4, 2010
- Controlled Unclassified Information: Recommendations for Information Control Reform, OMB Watch, July 2009
- Controlled Unclassified Info May Be Classified, US-Czech Doc Says, Secrecy News, July 14, 2008
- FAS Comments on the Controlled Unclassified Information Framework, letter to Rep. Anna Eshoo, chair, House Intelligence Committee Subcommittee on IC Management, June 16, 2008
- White House Issues Policy on "Controlled Unclassified Info", Secrecy News, May 12, 2008
- Bush issues new secrecy directive by Smintheus, Daily Kos, May 10, 2008
- Keeping Secrets: In Presidential Memo, A New Designation for Classifying Information by Walter Pincus, Washington Post, May 19, 2008
Congressional Resources
- Contractor Integrity: Stronger Safeguards Needed for Contractor Access to Sensitive Information, Government Accountability Officer report no. GAO-10-693, September 10, 2010
- Hearing on The "Improving Public Access to Documents Act of 2008", House Homeland Security Committee Subcommittee on Intelligence, June 11, 2008
- Laws and Regulations Governing the Protection of Sensitive But Unclassified Information, a report prepared by the Federal Research Division of the Library of Congress, September 2004
- "Sensitive But Unclassified" Information and Other Controls: Policy and Options for Scientific and Technical Information, Congressional Research Service, updated December 29, 2006
- Drowning in a Sea of Faux Secrets: Policies on Handling of Classified and Sensitive Information, hearing before the Subcomm on National Security, House Comm on Govt Reform, March 14, 2006
GAO Reports on Sensitive Information
- Transportation Security Administration's Processes for Designating and Releasing Sensitive Security Information [GAO-08-232R], November 30, 2007
- Managing Sensitive Information: DOJ Needs a More Complete Staffing Strategy for Managing Classified Information and a Set of Internal Controls for Other Sensitive Information [GAO-07-83], October 2006
- Managing Sensitive Information: DOD Can More Effectively Reduce the Risk of Classification Errors [GAO-06-706], June 30, 2006
- Managing Sensitive Information: Actions Needed to Ensure Recent Changes in DOE Oversight Do Not Weaken an Effective Classification System [GAO-06-785], June 30, 2006
- Information Sharing: DHS Should Take Steps to Encourage More Widespread Use of Its Program to Protect and Share Critical Infrastructure Information [GAO-06-383], April 2006
- Information Sharing: The Federal Government Needs to Establish Policies and Processes for Sharing Terrorism-Related and Sensitive but Unclassified Information [GAO-06-385], March 2006
- Managing Sensitive Information: Departments of Energy and Defense Policies and Oversight Could Be Improved [GAO-06-369], March 2006
- Critical Infrastructure Protection: Establishing Effective Information Sharing with Infrastructure Sectors, GAO-04-699T, April 21, 2004
- Homeland Security: Efforts to Improve Information Sharing Need to Be Strengthened, GAO-03-760, August 2003