Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
DCAR-1 Procedural Review
Overview
An annual IA review is conducted that comprehensively evaluates existing policies and processes to ensure procedural consistency and to ensure that they fully support the goal of uninterrupted operations.
| MAC / CONF | Impact | Subject Area |
|---|---|---|
| MACI MACII MACIII | Medium | Security Design and Configuration |
Details
| Threat |
|---|
| Complacency in regards to the periodic review of existing policies and processes opens the door to emerging security threats that can negatively impact mission success. The dynamic nature of information technology warrants at least an annual review of existing policies and processes to help achieve uninterrupted operations. |
| Guidance |
|---|
| 1. The DIACAP Team shall be an active participant in annual review process. 2. An annual IA review shall be conducted that comprehensively evaluates existing policies and processes to ensure procedural consistency and to ensure that they fully support the goal of uninterrupted operations. 3. The annual review process should account for the analysis of projected policy needs, and produce a plan for development or implementation of new policies or processes. |
References
- DoDI 8500.2, Information Assurance (IA) Implementation, para E3.3.10, 06 February 2003
- Section 2224 of title 10, United States Code,"Defense Information Assurance Program”, 05 October 1999