UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DBMS IA policies and procedures should be reviewed annually or more frequently.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15138 DG0096-ORACLE11 SV-24689r1_rule DCAR-1 Low
Description
A regular review of current database security policies and procedures is necessary to maintain the desired security posture of the DBMS. Policies and procedures should be measured against current DoD policy, STIG guidance, vendor-specific guidance and recommendations, and site-specific or other security policies.
STIG Date
Oracle Database 11g Installation STIG 2014-04-02

Details

Check Text ( C-29227r1_chk )
Review documented policy and procedures included or noted in the System Security Plan as well as evidence of implementation for annual reviews of DBMS IA policy and procedures.

If policy and procedures do not exist, are incomplete, or are not implemented and followed annually or more frequently, this is a Finding.
Fix Text (F-26248r1_fix)
Develop, document and implement procedures to review DBMS IA policies and procedures.