MinerAlert
Mario E. Caire, Ph.D.
Research Security Officer
Kelly Hall, 4th floor, North Wing
500 W University Ave
El Paso, TX 79968
Office: 915-747-8470
rso@utep.edu
mcaire@utep.edu
The Order specifies categories of non-classified information to be safeguarded and designates the National Archives and Records Administration (NARA) as Executive Agent to implement the CUI program. NARA maintains official CUI categories and subcategories within the Federal CUI Registry. For a full listing of categories, please visit CUI Registry General Guidelines site . The DoD version of the CUI Categories can be found at https://www.dodcui.mil/ .
CUI categories are divided into two subsets: basic and specified . Both subsets require compliance with NIST 800-171.
A federal agency or federal flow down is responsible for identifying and marking CUI and specifying handling requirements. In the absence of such guidance, it is the responsibility of the project PI to reach out to program manager for CUI guidance. This is especially important for solicitations or contracts with the Department of Defense, which currently has the most mature Federal CUI program.
Organizational Index Grouping |
CUI Category |
CUI Subset |
Marking |
Critical Infrastructure |
Info. Sys. Vulnerability Information |
Basic |
CUI or CUI//ISVI |
Physical Security |
Basic |
CUI//PHYS |
|
Export Control |
Export Controlled |
Basic or Specified |
CUI//SP-EXPT |
Privacy |
Health Information |
Basic or Specified |
CUI//SP-HLTH |
Student Records |
Basic or Specified |
CUI//SP-STUD |
|
Defense |
Controlled Technical Information |
Specified |
CUI/SP-CTI |
Provisional |
Operations Security Information |
Basic |
CUI |