The ISSO/IAO does not ensure that administration and maintenance personnel have proper access to the facilities, functions, commands, and calling privileges required to perform their job.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-7923	DSN01.03	SV-8409r1_rule	ECLP-1 ECSC-1	Medium

Description
Requirement: The IAO will ensure that internal and external administrator/maintenance personnel have appropriate but limited access to the facilities, functions, commands, and calling privileges in accordance with their role as required when performing their job. Privileged access to any system should be controlled. Anyone with privileged access can cause serious system damage that could in turn have detrimental affects on the operational environment. Administration and maintenance personnel should be provided only that privileged access needed to perform their job.

Description

Requirement: The IAO will ensure that internal and external administrator/maintenance personnel have appropriate but limited access to the facilities, functions, commands, and calling privileges in accordance with their role as required when performing their job. Privileged access to any system should be controlled. Anyone with privileged access can cause serious system damage that could in turn have detrimental affects on the operational environment. Administration and maintenance personnel should be provided only that privileged access needed to perform their job.

STIG	Date
Defense Switched Network (DSN) STIG	2015-06-30

Details

Check Text ( C-7304r1_chk )
Interview the IAO or SA and confirm compliance through discussion, review of site policy, diagrams, documentation, DAA approvals, etc as applicable.

Fix Text (F-7969r1_fix)
The ISSO/IAO should Implement appropriate processes, local policies, and/or procedures to provide maintenance personnel and SAs with the appropriate access and system privileges needed to properly perform their tasks and responsibilities