National Archives Issues Non-FAR-Based Guidance for Controlled Unclassified Information

The Information Security Oversight Office (ISOO) within the National Archives and Records Administration (NARA) has issued guidance relevant to contractors and other non-executive branch entities concerning controlled unclassified information (CUI). Specifically, the ISOO issued CUI Notice 2018-01 regarding information sharing agreements with non-executive branch entities that are not governed by the forthcoming CUI Federal Acquisition Regulation (FAR) Clause, including certain contracts, grants, licenses, and memoranda of understanding. Importantly, the ISOO guidance provides both mandatory and recommended language for inclusion in future information sharing agreements to help ensure the appropriate handling and safeguarding of CUI. While we continue to await a proposed FAR Clause regarding CUI, contractors should benefit from the additional clarity that this ISOO guidance brings in standardizing CUI provisions for non-FAR based agreements.