Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Traditional Security Checklist
IS-16.02.03
Controlled Unclassified Information - Handling, Storage and Controlling Access to Areas where CUI is Processed or Maintained
Controlled Unclassified Information - Handling, Storage and Controlling Access to Areas where CUI is Processed or Maintained
An XCCDF Rule
Details
Profiles
Prose
Controlled Unclassified Information - Handling, Storage and Controlling Access to Areas where CUI is Processed or Maintained
Medium Severity
<VulnDiscussion>Failure to handle CUI in an approved manner can result in the loss or compromise of sensitive information. REFERENCES: Executive Order 13556, Controlled Unclassified Information (CUI) The Information Security Oversight Office (ISOO): https://www.archives.gov/cui CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND); Enclosure C, paragraph 25.d. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: MP-4 and PE-3. DoD Manual 5200.01, Volume 3, 24 February 2012, SUBJECT: DoD Information Security Program: Protection of Classified Information; Enclosure 7, paragraph 13.f. DoDI 5200.48 Controlled Unclassified Information (CUI) DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, 4-103.c., 5-203.b., and Chapter 5 and Chapter 8, paragraph 8-302.b.& g. </VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>