Safeguarding Controlled Unclassified Information (CUI)

General Information

In addition to classified information, certain types of unclassified information also require application of access and distribution controls and protective measures for a variety of reasons. University activities (e.g. sponsored research projects, non-disclosure agreements, proprietary information agreements) may include receiving, generating or using controlled unclassified information. Access to CUI is usually restricted to Non-U.S. persons, unless the sponsor has agreed to grant access to a Non-U.S. person under a fully executed non-disclosure agreement (NDA).

The Office of Research Integrity collaborates with UT System Facility Security Officer/Security Manager to ensure there is a common approach to national security issues common to export controlled and classified programs. ORI is responsible for helping UTSA faculty and staff with the security measures necessary to safeguard controlled unclassified information (CUI) to include export-controlled, for official use only (FOUO) and sensitive but unclassified information (SUI).

The UTSA Office of Information Security (OIS) and the UTSA Office of Information Technology (OIT) are responsible for administering programs that create a reliable and secure university computing environment. The Information Security Officer (ISO) and the Information Security Administrator provide assistance with the implementation and administration of information security initiatives and Data Owner’s security needs. Please contact the ISO at (210) 458-7974 for additional information.

UTSA faculty and staff are responsible for:

  • Obtaining sponsoring organization’s guidance concerning access to CUI or Classified Information;
  • Determining who will have access to CUI;
  • Contacting ORI, OIS and OIT if a protection/security plan (e.g. technology control plan) is required to control access to and dissemination of CUI.

UTSA does not allow classified research or storage or use of classified data at any of its campuses. ORI can assist with security clearances applications for UTSA personnel who seek access to classified material housed elsewhere or to conduct classified research elsewhere as part of a sponsored research project. Use of classified information is restricted to those areas that adhere to the requirements identified in the National Industrial Security Program Operating Manual (NISPOM) or the DD 254 Form, DoD Contract Security Classification Specification, issued by the sponsoring agency.

Guidelines & Forms


Controlled technical information is defined in the DFARS 252.204-7012 as technical information with military or space application that is subject to controls on the access, use, reproduction, modification, performance, display, release, disclosure, or dissemination. Controlled technical information would meet the criteria, if disseminated, for distribution statements B through F using the criteria set forth in DoD Instruction 5230.24, Distribution Statements on Technical Documents. The term does not include information that is lawfully publicly available without restrictions.

Controlled Unclassified Information (CUI) is information that laws, regulations, or Government-wide policies require to have safeguarding or dissemination controls, excluding classified information. For CUI Categories and Subcategories please go to CUI Registry General Guidelines site.

“Covered defense information” is unclassified controlled technical information or other information, as described in the Controlled Unclassified Information (CUI) Registry, that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Governmentwide policies, and is—

  • Marked or otherwise identified in the contract, task order, or delivery order and provided to the contractor by or on behalf of DoD in support of the performance of the contract; or
  • Collected, developed, received, transmitted, used, or stored by or on behalf of the contractor in support of the performance of the contract.
Military Critical Technical Agreement