UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must enforce a two-person rule for changes to organization defined information system components and system-level information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33053 SRG-OS-000091-NA SV-43451r1_rule Medium
Description
Regarding access restrictions for changes made to organization defined information system components and system level information. Any changes to the hardware, software, and/or firmware components of the operating system can potentially have significant effects on the overall security of the system. Rationale for non-applicability: For the purposes of this SRG, a mobile operating system is assumed to support a single human-accessible user account. In this context, a two-person rule is not relevant. Changes resulting from MDM control of the device are within the scope of the MDM SRG.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41322r1_chk )
This requirement is NA for the Mobile OS SRG.
Fix Text (F-36953r1_fix)
The requirement is NA. No fix is required.