INTRODUCTION THE NEED TO PROTECT CONTROLLED UNCLASSIFIED INFORMATION oday, more than at any time in history, the federal government is relying on external service providers to help carry out a wide range of federal missions and business functions using state-of-the-practice information systems. Many federal contractors, for example, routinely process, store, and transmit sensitive federal information in their information systems1 to support the delivery of essential products and services to federal agencies (e.g., providing credit card and other financial services; providing Web and electronic mail services; conducting background investigations for security clearances; processing healthcare data; providing cloud services; and developing communications, satellite, and weapons systems). Additionally, federal information is frequently provided to or shared with entities such as State and local governments, colleges and universities, and independent research organizations. The protection of sensitive federal information while residing in nonfederal information systems2 and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully carry out its designated missions and business operations, including those missions and functions related to the critical infrastructure. The protection of unclassified federal information in nonfederal information systems and organizations is dependent on the federal government providing a disciplined and structured process for identifying the different types of information that are routinely used by federal agencies. On November 4, 2010, the President signed Executive Order 13556, Controlled Unclassified Information.3 The Executive Order established a governmentwide Controlled Unclassified Information (CUI)4 Program to standardize the way the executive branch handles unclassified information that requires protection and designated the National Archives and Records Administration (NARA) as the Executive Agent5 to implement that program. Only information that requires safeguarding or dissemination controls pursuant to federal law, regulation, or governmentwide policy may be designated as CUI. The CUI Program is designed to address several deficiencies in managing and protecting unclassified information to include inconsistent markings, inadequate safeguarding, and needless restrictions, both by standardizing procedures and by providing common definitions through a CUI Registry.6 The CUI Registry is the online repository for information, guidance, policy, and
- 粉丝: 693
- 资源: 314
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 20240420-扬州高中小学部风雨操场转换层条件图r.dwg
- 小猫咪邮件在线发送系统源码v1.1,支持添加附件
- 永磁电机铜耗估算表-Excel-v1.0
- 参考资料-人工智能对劳动力市场的影响机制研究.pdf
- 协同供应链集成产品介绍V71sp1.rar
- 上市公司-人工智能的采纳程度面板数据(2003-2021年).xlsx
- 参考资料-人工智能技术应用对就业的影响及作用机制研究-来自制造业企业的微观证据.pdf
- 第5章spring-mvc请求映射处理
- 2023-04-06-项目笔记 - 第一百十六阶段 - 4.4.2.114全局变量的作用域-114 -2024.04.27
- 协同供应链集成产品介绍V70.rar