NIST Publishes Final Guidelines for Protecting Information Held by Contractors

June 19, 2015
By Sandra Jontz
E-mail About the Author

The National Institute of Standards and Technology (NIST) published Friday its final guidelines for federal agencies to follow when they provide controlled unclassified information for use on nonfederal systems, such as information on systems used by contractors or universities that work with the government.

The guidance aims to ensure sensitive information remains confidential. The government established the controlled unclassified information (CUI) program to standardize how the executive branch handles unclassified information requiring protection, such as personally identifiable information.

The National Archives and Records Administration (NARA), which oversees the CUI program, worked with NIST to develop these guidelines, according to an agency statement.

"[The guidelines document] is critical to our strategy to strengthen needed protections for CUI," John Fitzpatrick, director of NARA's Information Security Oversight Office, said in a statement. "Together with NARA's recently proposed CUI regulation and a planned Federal Acquisition Regulation clause, we will bring clarity and consistency to the handling of CUI across government."

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.


Share Your Thoughts: