Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The ISSO must report all suspected violations of IA policies in accordance with DoD information system IA procedures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-70301 | APSC-DV-002920 | SV-84923r1_rule | Medium |
| Description |
|---|
| Violations of IA policies must be reviewed and reported. If there are no policies regarding the reporting of IA violations, IA violations may not be tracked or addressed in a proper manner. |
| STIG | Date |
|---|---|
| Application Security and Development Security Technical Implementation Guide | 2017-03-20 |
Details
| Check Text ( C-70777r1_chk ) |
|---|
| Interview the application representative and review the SOPs to ensure that violations of IA policies are analyzed and reported. If there is no policy for reporting IA violations, this is a finding. |
| Fix Text (F-76537r1_fix) |
|---|
| Create and maintain a policy to report IA violations. |