Data type
CUI
31 items across the GovConCyber reference layer carry this topic.
Requirements
- Obtain and Maintain CMMC Certification at the Required Level
- Protect Bank Secrecy Act / FinCEN Information
- Protect Critical Energy/Electric Infrastructure Information
- Protect Criminal History Records Information
- Protect Controlled Technical Information
- Protect Chemical-Terrorism Vulnerability Information
- Decontrol CUI When Safeguarding Is No Longer Required
- Destroy CUI Using Approved Methods
- Apply Limited Dissemination Controls and Lawful Government Purpose
- Comply With Export Controls for CUI (EAR/ITAR)
- Use FedRAMP-Authorized Cloud for CUI (DoD: FedRAMP-Moderate Equivalent)
- Protect Student Records
- Flow Down CUI Safeguarding Requirements to Subcontractors
- Protect Health Information CUI
- Identify and Categorize CUI Using the CUI Registry
- Report Loss or Compromise of CUI
- Apply CUI Markings (Banner, Portion, Category, and Limited Dissemination)
- Protect CUI on Nonfederal Systems per NIST SP 800-171
- Apply Enhanced Safeguards for High-Value CUI (APT)
- Protect Protected Critical Infrastructure Information
- Protect Proprietary Business Information / Trade Secrets
- Protect Privacy CUI and Sensitive PII
- Safeguard CUI at the 32 CFR 2002 Baseline
- Protect Nuclear Safeguards Information
- Apply Category-Specific (CUI Specified) Handling Controls
- Protect Source Selection and Procurement-Sensitive Information
- Protect Sensitive Security Information
- Protect Federal Taxpayer Information
- Provide CUI Awareness Training to the Workforce
- Protect Unclassified Controlled Nuclear Information
- Protect Water-System Risk and Resilience Assessments