Controlled Unclassified Information (CUI) applies to data the Federal Government has shared with the university including:

  • Federal data received as part of a research grant
  • Federal data received to conduct university business (e.g., student financial aid information)

Researchers and university staff should review federal contracts or agreements to determine if the data is specifically identified as CUI. If so, the university must follow the Requirements and related Security Controls specified in NIST 800-171 to protect CUI data.