Tuesday, August 9, 2016

OMB Approves NARA CUI Final Rule

Yesterday the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved the final rule from the National Archives and Records Administration (NARA) concerning the administration of the various Federal Controlled Unclassified Information (CUI) programs. The final rule was submitted to OIRA back in October of last year. The notice of proposed rulemaking (NPRM) was published in May, 2015 and I did a series of blog posts on the provisions of that NPRM.

This rulemaking is mainly targeted at protecting CUI on government and contractor IT systems. It is expected that it will require the implementation of NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, as the IT security standard for contractors and other non-government organization that are required to protect CUI.

Readers of this blog will be interested in this rule making because of its potential effects on the following CUI programs:

I expect that the final rule will be published in the Federal Register later this week.

NOTE: Corrected SSI program link - 08-10-16 21:30 EDT

No comments:

/* Use this with templates/template-twocol.html */