What is cui documents must be reviewed according to which procedures before destruction?

Before destruction, <a href="https://www.wikiwhat.page/kavramlar/Controlled%20Unclassified%20Information">Controlled Unclassified Information (CUI)</a> documents must undergo a review process to ensure proper handling and prevent unauthorized disclosure. The specific procedures for this review are typically dictated by organizational policy, often aligned with the <a href="https://www.wikiwhat.page/kavramlar/National%20Archives%20and%20Records%20Administration">National Archives and Records Administration (NARA)</a> guidelines and relevant federal regulations like <a href="https://www.wikiwhat.page/kavramlar/32%20CFR%20Part%202002">32 CFR Part 2002</a> (the CUI Rule).

Key aspects of the review process include:

  • Identification: Confirming that the document truly contains CUI and determining the specific <a href="https://www.wikiwhat.page/kavramlar/CUI%20categories">CUI categories</a> it falls under. This determines the applicable safeguarding and dissemination controls.

  • Retention Requirements: Verifying that the document has met its legally mandated or organizationally defined retention period. Destruction before the end of the retention period is generally prohibited.

  • Legal and Regulatory Compliance: Ensuring that destruction aligns with all applicable laws, regulations, and agency-specific directives related to records management and <a href="https://www.wikiwhat.page/kavramlar/information%20security">information security</a>.

  • Historical Value: Assessing whether the document has any enduring historical value to the organization or the public. If so, it may need to be preserved rather than destroyed.

  • Approval: Obtaining the necessary approvals from designated authorities within the organization before initiating destruction. This may involve the CUI Program Manager, legal counsel, or records management personnel.

  • Documentation: Maintaining a record of the destruction process, including the date, method of destruction, and the names of individuals involved. This documentation serves as evidence of compliance with CUI requirements.

Different organizations may have unique procedures, but these are the fundamental areas usually considered before CUI document destruction.