V-245843
Traditional Security Checklist
Title
Controlled Unclassified Information (CUI) - Employee Education and Training
Description
<VulnDiscussion>Failure to handle CUI in an approved manner can result in the loss or compromise of sensitive information. REFERENCES: Executive Order 13556, Controlled Unclassified Information (CUI) The Information Security Oversight Office (ISOO): https://www.archives.gov/cui CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure A, Paragraph 11, Enclosure B, paragraph 4.h & 6.m., and Enclosure C, paragraph 5. NIST Special Publication 800-53 (S...
Fix Text (Documentation Requirement)
General Policy Guidance: At a minimum, DoD civilians, military members and on-site support contractors with access to CUI shall receive both initial and annual refresher training that reinforces the policies, principles, and procedures covered in CUI policy. Refresher training shall also address the threat and the techniques foreign intelligence activities use while attempting to obtain controlled unclassified DoD information and advise personnel of penalties for unauthorized disclosures. The importance of unclassified information, its potential sensitivity, and the requirement to have all information reviewed and approved for release prior to public disclosure or Web posting shall be reiterated. Refresher training shall also address relevant changes in CUI policy or procedures and issues...