This Online Self-study Course Provides Comprehensive Information About the Need To Protect Controlled Unclassified Information
Today, more than at any time in history, the federal government is relying on external service providers to help carry out a wide range of federal missions and business functions using state-of-the-practice information systems.
An information system is a discrete set of information resources organized expressly for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information. Information systems also include specialized systems for example, industrial/process control systems, cyber-physical systems, embedded systems, and devices. The term system is used to represent all types of computing platforms that can process, store, or transmit CUI.
The protection of sensitive federal information while residing in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully carry out its designated missions and business operations, including those missions and functions related to the critical infrastructure.
A federal information system is a system that is used or operated by an executive agency, by a contractor of an executive agency, or by another organization on behalf of an executive agency. A system that does not meet such criteria is a nonfederal system.
The protection of unclassified federal information in nonfederal systems and organizations is dependent on the federal government providing a disciplined and structured process for identifying the different types of information that are routinely used by federal agencies.
- On November 4, 2010, the President signed Executive Order 13556, Controlled Unclassified Information.
The Executive Order established a government-wide Controlled Unclassified Information (CUI) Program to standardize the way the executive branch handles unclassified information that requires protection and designated the National Archives and Records Administration (NARA) as the Executive Agent to implement that program.
The course provides details and an explanation about all security families, which includes 110 objectives and controls.
- Access Control
- Media Protection
- Awareness and Training
- Personnel Security
- Audit and Accountability
- Physical Protection
- Configuration Management
- Risk Assessment
- Identification and Authentication
- Security Assessment
- Incident Response
- System and Communications Protection
- Maintenance
- System and Information Integrity
Order through PayPal’s secure card services
#End of Form