2002.14.a - General safeguarding policy

Question 1

Pursuant to (a) __ _____ and __ ___ ____ ____, and in consultation with affected agencies, the CUI EA issues safeguarding standards in (b) __ ___ ____ ____ and, as necessary, in the (c) ___ ________, updating them as needed.

Answer 1

(a) EO 13556 and 32 CFR Part 2002

(b) 32 CFR Part 2002

(c) CUI Registry

Question 2

These standards require agencies to safeguard CUI at all times in a manner that minimizes the risk of (a) ____________ __________ while allowing (b) ______ ______ by authorized holders.

Answer 2

(a) unauthorized disclosure

(b) timely access

Question 3

Safeguarding measures that agencies are authorized or accredited to use for __________ ___________ and ________ ________ _______ are also sufficient for safeguarding CUI in accordance with the organization’s management and acceptance of risk.

Answer 3

classified information and national security systems

Question 4

gencies may increase CUI Basic’s confidentiality impact level _____ ________ only internally, or by means of agreements with agencies or non-executive branch entities (including agreements for the operation of an information system on behalf of the agencies).

Answer 4

above moderate

Question 5

Agencies may not otherwise require controls for CUI Basic at a level ______ ____ permitted in the CUI Basic requirements when disseminating the CUI Basic outside the agency.

Answer 5

higher than

Question 6

__________ _______ must comply with policy in the Order, this part, and the CUI Registry, and review any applicable agency CUI policies for additional instructions.

Answer 6

Authorized holders

Question 7

For information designated as ___ _________, authorized holders must also follow the procedures in the underlying laws, regulations, or policies.

Answer 7

CUI Specified