DoD Distribution Statements

Key Takeaways

• DoD Distribution Statements define access limits for DoD technical data.
• They are not limited to CUI and can appear on both CUI and non-CUI materials.
  The six statements (A–F) set clear dissemination limits that are legally binding once applied.
• Contractors must follow the assigned statement and may not modify it without approval from the controlling DoD office.
• Correct handling requires reviewing both the distribution limit and whether the content triggers DFARS, CMMC, or export-control obligations.

What are DoD Distribution Statements?

DoD Distribution Statements are standardized markings used by the U.S. Department of Defense to indicate who may access, share, or reuse a given document.  They help control the flow of information that may be sensitive. They are not limited to CUI and can appear on non-CUI documents. 

DoD Distribution Statements Basics

A distribution statement DoD is placed on the front page of a document to communicate the limits of dissemination. These markings apply broadly to:

• Technical data and engineering drawings
  
• Research reports and scientific analysis
  
• System manuals and program documentation
  
• Prototype specifications
  
• Contract deliverables
  
• Export-controlled technical material

They are authorized under DoDI 5230.24 and DoDI 5230.25 and remain a central part of the DoD’s document-control environment.

The Difference Between Distribution Statements and CUI

Not every document with a distribution statement is Controlled Unclassified Information (CUI), and not every piece of CUI will have a distribution statement on technical documents.

This distinction is important because contractors frequently assume the presence of a distribution statement means a document contains CUI. In reality:

• Distribution statements regulate dissemination (who may receive the document).
  
• CUI markings regulate safeguarding (how the document must be protected).
  

The two systems overlap but are not interchangeable. Contractors must evaluate each document based on both sets of rules, especially when determining DFARS obligations or CMMC Level 2 scoping.

A distribution statement alone does not trigger CUI handling requirements unless the underlying content falls within a CUI category.

The Six DoD Distribution Statements

The DoD uses six standard statements, labeled A through F, to indicate permitted dissemination:

Statement A: Approved for Public Release

No restrictions. Information may be distributed widely.

Statement B: U.S. Government Agencies Only

Only federal government agencies may receive the material.

Statement C: U.S. Government and Its Contractors

Allows dissemination to government agencies and contractors who require the information to fulfill a government contract.

Statement D: DoD and DoD Contractors Only

More restrictive than Statement C; excludes non-DoD federal agencies.

Statement E: DoD Components Only

Limits dissemination strictly to DoD components. Used for highly sensitive internal material.

Statement F: Further Distribution Only as Directed

The most restrictive. Distribution is allowed solely with permission from the controlling DoD office.

DoD Distribution Statements CUI are legally binding once applied.

How Distribution Statements Affect DFARS and CMMC Compliance

Distribution statements play a supporting role in several federal requirements:

DFARS 252.204-7012

Contractors must protect Covered Defense Information, which often includes CUI. Distribution statements help identify which documents require heightened controls but must be paired with a content-based review.

NIST SP 800-171 / CMMC Level 2

Documents with restrictive distribution statements frequently fall within a contractor’s CUI boundary. Proper analysis prevents unnecessary scoping.

Export Controls (ITAR / EAR)

If technical information is tied to export-control categories, the correct distribution statement will narrow dissemination, but contractors must still map the content to legal authorities under ITAR and EAR.

Who Assigns Distribution Statements

The controlling DoD office (CDO) assigns distribution statements based on:

• Contract terms
  
• Funding source
  
• Export-control status
  
• Sensitivity of technical information
  
• Data rights guidance
  
• Official classification or security directives
  

Contractors should not modify or remove distribution statements without authorization.

How Contractors Should Manage Documents With Distribution Statements

Organizations handling DoD documentation should build procedures around:

• Identifying distribution statements during intake
  
• Reviewing whether the underlying data is also CUI
  
• Applying proper markings before internal distribution
  
• Using controlled document repositories with access limitations
  
• Training employees to understand the differences among A–F
  
• Validating export-control status when CTI is involved
  
• Tracking dissemination to subcontractors and partners

FAQs

​​What should a contractor do if a document contains sensitive technical information but arrives without a distribution statement?

Contractors should not assign a distribution statement on their own unless authorized by contract. The correct step is to request clarification from the controlling DoD office and restrict dissemination until guidance is received.

Can distribution statements change over time?

Yes. If program sensitivity changes, export-control classifications are updated, or information is later approved for public release, the controlling DoD office may revise or remove the distribution statement. Contractors cannot make these changes independently.

Can a document include both a distribution statement and proprietary markings?

Yes. DoD distribution statements can appear alongside contractor-owned markings such as “Proprietary,” “Limited Rights,” or “Government Purpose Rights.” Each marking operates under different legal authorities, and both sets of restrictions must be followed.

What happens if a document is mis-marked with an incorrect distribution statement?

Suspected mis-markings should be reported to the controlling DoD office. Incorrect markings can improperly restrict legitimate work or put sensitive data at risk. Only the controlling office may correct or authorize changes.

Are distribution statements used outside the Department of Defense?

They are primarily a DoD requirement. Some federally funded research institutions and FFRDCs use them when working under DoD agreements, but other federal agencies typically use different dissemination controls.

How do distribution statements apply when storing documents in cloud platforms?

Restricted documents must be stored and shared only in cloud environments approved for the intended audience. 

Do distribution statements determine whether a document is export-controlled?

No. Export-control status is defined by ITAR or EAR classifications. A distribution statement may align with export restrictions, but it does not establish or replace an export-control determination.