NIST said Friday it is seeking further public comments on the “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” document as part of efforts to standardize the handling of CUI.
The final draft includes clarifications in the guidance’s scope and applicability, alignment with the CUI federal rule and a future clause in the Federal Acquisition Regulation and adjustments to CUI security requirements.
NIST noted that it worked with the National Archives and Records Administration to develop the guidelines to protect CUI confidentiality via an approach consistent with relevant laws, regulations and policies.
Comments to the draft are due May 12.