What is CUI?
Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies as specified in Executive Order 13556 and Rule 32 CFR Part2002. National Archives and Records Administration (NARA) was appointed by the President to be the Executive Agent of the CUI Program.
FERC developed a policy to promote compliance for the protection of sensitive information mandates. The policy lays out procedures for labeling and handling sensitive information. You may see labels on the top of documents like CUI//PRIV or CUI//CEII instead of labels like FOUO or SBU. You could also find documents will be password protected and require a password to open.
How does FERC Protect CUI?
FERC uses several methods to protect CUI
-
Password protecting files or folders using WinZip.
-
Password protecting the actual file with Microsoft or Adobe products.
-
Email Encryption using Microsoft 365
Quick Links
- CUI Briefing Video
- CUI History
- CUI Policy and Guidance
- CUI Registry
- CUI Training Tools
- FIPS Publication 199 "Standards for Security Categorization of Federal Information and Information Systems"
- FIPS Publication 200 "Minimum Security Requirements for Federal Information and Information Systems"
- NIST Special Publication 800-53, Revision 4 "Security and Privacy Controls for Federal Information Systems and Organizations"
- NIST Special Publication 800-171 "Protecting Unclassified Information in Nonfederal Information Systems and Organizations"