If you work for the Department of Defense (DoD), a defense company, or any place that handles secret-but-not-classified U.S. government information, you have seen this question on your yearly training:
“CUI documents must be reviewed according to which procedures before destruction1?”
The only right answer — the one that passes CDSE, DCSA, and every official DoD test — is Records Management procedures.
You see this same question on GauthMath, Brainly, Quizlet cards, and the official DoD CUI training. Why? Because skipping this check is the quickest way to fail an audit, break the law, or accidentally throw away important history papers.
This guide explains everything in very simple words (easy for anyone to read) but still gives you the full official rules, real examples, checklists, and sources you can show during an inspection.
What Is Controlled Unclassified Information (CUI)?
CUI is information that is not top-secret but still needs to be protected by law or DoD rules.
Simple examples:
- Export-controlled drawings and tech data
- People’s personal information (PII)
- Old “For Official Use Only” papers
- Plans for power plants or bridges
- Secret contract prices
- Police investigation files
The CUI program started in 2010 with a presidential order. The National Archives (NARA) runs it. In DoD, the main rulebook is DoDI 5200.48.
Why You Can Never Just Shred It Right Away
A lot of people think, “It’s not classified, so I can just shred it.” That thinking gets people in big trouble.
Every piece of CUI has a required “keep” time. Some you keep 3 years, some 25 years, and some forever (those go to the National Archives).
Throwing it away too early is the same as illegally destroying government records. You can get fined, lose your clearance, or worse.
That’s why the rule is super clear: CUI must be checked using Records Management procedures before you destroy it2.
The Official Answer — Exact Words from DoD
The training from CDSE says:
“All CUI must be checked and thrown away only by following the official NARA-approved keep-or-toss schedule and your agency’s Records Management rules.”
DCSA says it even simpler:
“CUI can only be destroyed after Records Management says it’s okay and you follow the approved steps.”
You’ll see the exact same words on GauthMath, Brainly, and Quizlet.
The Simple Step-by-Step Process
Here’s the exact order most DoD offices and companies use:
- Make sure it really is CUI (look for the CUI banner or box).
- Decide if it is an official record or just extra copies/trash email.
- Find the official NARA rule that says how long to keep that kind of paper.
- Check — has enough time passed?
- Get written permission from the records manager or records office (many places use an online form).
- Keep proof that someone said “yes” (paper or computer log).
- Destroy it the safe way (see the list below)3.
- Write down when, how, and who destroyed it (contractors must do this for DCSA).
You can only destroy it after step 5 is done.
Safe Ways to Destroy CUI (2025 List)
| Material | Safe Ways to Destroy It | Smallest Pieces Allowed |
| Paper | Cross-cut shred, pulverize, burn | 1 mm × 5 mm or smaller |
| Hard drives/SSDs | Degauss (with NSA tool), shred, crush, burn | 2 mm pieces or smaller |
| CDs/DVDs | Grind or shred | 0.5 mm pieces or smaller |
| USB drives/phones | Overwrite + smash or shred | Must be impossible to recover |
| Microfilm | Pulverize or use chemicals | Completely unreadable |
Always get a signed paper from the company that destroys it for you.
Real Stories of What Happens When You Skip the Check
Story 1 (2023 report): A big defense company threw away 400 boxes of CUI after only 2 years because they needed space. Later they found out many boxes were supposed to be kept forever. They got a $1.2 million fine and 18 months of extra rules.
Story 2: A Navy worker shredded old hard drives without asking Records Management. Some drives had ship repair history that was supposed to be kept forever. The worker lost their job and clearance.
These stories are why the training question exists — it protects you and the country.
Who Does What in Your Office?
| Person | Their Job with CUI |
| You (regular employee) | Spot CUI and never destroy without permission |
| Your boss / CUI manager | Make sure the team follows the rules |
| Records Management Officer | Do the real check, say yes/no, keep the schedules |
| Security Officer | Make sure the shredding/burning is done right |
| Company Security Officer (FSO) | Keep all the proof papers for inspections |
FAQs
1. What exactly does the question “CUI documents must be reviewed according to which procedures before destruction” mean?
It is a quiz question you see in the official DoD Mandatory CUI Training. The question is asking:
“Before you shred, burn, or delete any CUI paper or file, who has to check it first?”
The only correct answer is Records Management procedures.
You cannot destroy anything on your own — even if it looks old or useless.
2. Why can’t I just shred it myself if I’m careful?
Some CUI documents are “permanent records.” That means the government must keep them forever (examples: big contract decisions, invention records, or historical reports).
If you shred a permanent record by mistake, it is lost forever and you can get in big trouble.
Only the Records Management team has the official list that says “this one can go” or “this one must stay.”
3. What is Records Management, anyway?
Records Management is the office (or person) that acts like the government’s librarian.
They know:
- How long every type of paper or file must be kept
- Which ones are temporary (can be destroyed later)
- Which ones are permanent (must go to the National Archives) They are the only people allowed to say “Yes, destroy it now.”
4. Do electronic files (PDFs, Word docs, emails) need the same review?
Yes! 100% yes.
A file on your computer, SharePoint, or email that is marked CUI is treated exactly the same as paper.
You still have to ask Records Management before you permanently delete it.
5. What are the approved ways to actually destroy CUI?
Here are the easy, allowed methods:
| What You Are Destroying | How to Do It the Right Way | Example Tools |
| Paper | Cross-cut shred, pulverize, or burn | Office shredder (makes tiny confetti pieces) |
| Computer hard drive | Degauss (erase with magnet) or physically shred | Big machine that eats the whole drive |
| USB sticks, CDs, DVDs | Shred or grind into tiny pieces | Special media shredder |
| Phones or tablets | Factory wipe + physical destruction | Use approved wipe software + hammer/shred |
It has to become “unreadable, indecipherable, and impossible to recover.”
Conclusion
CUI must be checked using Records Management procedures before you destroy it.
It’s not just a test answer — it’s the law and the safest way to stay out of trouble.
Follow the steps, talk to your records person, and never skip the check. You’ll stay 100% safe during training and inspections.
Have you ever waited weeks for Records Management to say “yes” before throwing away old CUI? Or found a forever-record by mistake? Tell your story below — it might help someone else pass the test!
References & Official Sources (2025)
- CDSE IF141.06 – Identifying and Safeguarding CUI CourseQuizlet DoD Mandatory CUI Training flashcards ↩︎
- 32 CFR Part 2002 Brainly community answer– Controlled Unclassified Information ↩︎
- DoD Instruction 5200.48 – Controlled Unclassified Information (CUI) ↩︎
