From: FierceGovernmentIT
A final draft on a standard for protecting controlled unclassified information, or CUI, in nonfederal information systems is available for comment.
Federal agencies would use National Institute of Standards and Technology Special Publication 800-171 when they provide such data to nonfederal entities “for purposes unrelated to information processing”—that is, the nonfederal organizations are not operating their information systems to process agency data, including CUI, on behalf of the agency but rather for other purposes (e.g., when designing or producing an aircraft, performing a study or conducting background investigations for security clearances), according to the latest draft [.pdf], released April 3 as a collaboration of NIST and the National Archives and Records Administration.
Leave a Reply