CMMC – What information is protected?
CMMC is primarily designed to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
FCI is information, not intended for public release, that is provided by or generated for the government under a contract to develop or deliver a product or service to the government, but not including information provided by the government to the public (such as on public websites) or simple transactional information, such as necessary to process payments.
CUI is generally unclassified information that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and government-wide policies. A CUI Registry provides information on the specific categories and subcategories of information that the Executive branch protects. The CUI Registry can be found at both https://www.archives.gov/cui and https://www.dodcui.mil/Home/DOD-CUI-Registry/
Resources, including online training to better understand CUI, can be found on the National Archives’ website and the Department of Defense’s website.
Back to CMMC at WUSTL and Security of Controlled Unclassified Information (CUI) in Sponsored Research
CMMC – How do I know if it is required?
CMMC is required for your project activity if (1) you are handling Federal Contract Information (FCI) or Controlled Unclassified Information (CUI) and…
CMMC – Model Framework
The Cybersecurity Maturity Model Certification (CMMC) framework organizes processes and cybersecurity best practices into a set of 17 capability domains…
CMMC – What information is protected?
CMMC is primarily designed to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI)…
CMMC – What is it?
The Cybersecurity Maturity Model Certification (CMMC) is a program of unified standards and frameworks of cybersecurity best practices and controls …
CMMC – Why was it created?
The theft of intellectual property and sensitive information due to malicious cyber activity threatens economic security and national security…
CUI – Does my RFP/RFI involve CUI?
The below steps are designed to assist you in determining if a RFP/RFI will require safeguards to protect…
CUI – Training and Resources
All faculty and staff who may come into contact with CUI data in their course of performing their job duties are required to take training. The training required depends upon your job, and the nature of your interaction with CUI data here at the university.
CUI – What is it?
Controlled Unclassified Information (CUI) is a category of unclassified data that federal agencies create or possess, government, which is required…
CUI FAQ
Answers to frequently asked questions about the WUSTL-SEn environment for CUI data at Washington University in St. Louis.