UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

PRAS-2 Access to Information


Overview

Individuals requiring access to classified information are processed for access authorization in accordance with DoD personnel security policies.

MAC / CONF Impact Subject Area
CLASSIFIED High Personnel

Details

Threat
Classified information stored on servers, workstations, media and documentation are at risk of copying, destruction, and illegal distribution by unauthorized access.  In order to prevent access to classified information  by unauthorized persons, a proper personnel screening and authorization process must be implemented in accordance with DoD Personnel Security policy.

Guidance
This guidance is intended for Information Assurance Managers/Officers or System Administrators tasked with insuring that only  those personnel cleared for the level of information processed by the system, and the requisite need to know, are granted access to the system for processing purposes:
 
1. Identify types of classified information processed by the system.
2. For each person assigned to the organization and requiring processing privileges on the system, ensure that access authorization is provided by the organizational Security Officer in the form of a document clearly stating that the user has undergone the required background investigation for access to classified information at specific security classification levels, is cleared accordingly, and has been authorized access to the information on a need-to-know basis.
3. Ensure that for systems processing sensitive compartmented information (SCI) or any other compartmented classified information that users have been received the proper briefings and signed the appropriate authorization paperwork.

References

  • DoD 5200.2-R (Personnel Security Program), January 1987