| V-24957 | High | If a data spill (Classified Message Incident (CMI)) occurs on a mobile device, the site must follow required data spill procedures. | If required procedures are not followed after a data spill, classified data could be exposed to unauthorized personnel. |
| V-24955 | Medium | Publish data spill procedures for mobile devices | When a data spill occurs on a mobile device, classified or sensitive data must be protected to prevent disclosure. After a data spill, the mobile device must either be wiped using approved... |
| V-24970 | Low | The mobile device management (MDM) server administrator must receive required training. | The security posture of the MDM server could be compromised if the administrator is not trained to follow required procedures. |
| V-24962 | Low | The site Incident Response Plan or other procedure must include procedures to follow when a mobile operating system (OS) based mobile device is reported lost or stolen. | Sensitive DoD data could be stored in memory on a DoD operated mobile operating system (OS) based mobile device and the data could be compromised if required actions are not followed when a ... |
| V-24969 | Low | Required actions must be followed at the site when a mobile device has been lost or stolen. | If procedures for lost or stolen mobile devices are not followed, it is more likely that an adversary could obtain the device and use it to access DoD networks or otherwise compromise DoD IA. |
| V-28313 | Low | MDM server administrator training must be renewed annually. | The MDM server administrator must renew required training annually. |
