Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-31265 | FN-05.02.02 | SV-41516r2_rule | ECAN-1 IAAC-1 | Medium |
Description |
---|
Unauthorized access by foreign nationals to Information Systems can result in, among other things, security incidents, compromise of the system, or the introduction of a virus. |
STIG | Date |
---|---|
Traditional Security | 2013-07-11 |
Check Text ( C-39994r3_chk ) |
---|
Check to ensure there are local written procedures for when foreign national request access to U.S. systems. Validate the standards are correct. Ensure Foreign Nationals only hold IT positions authorized by regulation - primarily DoD 8570.01-M, IA Workforce Improvement Program. TACTICAL ENVIRONMENT: This check is applicable where REL partners/LN/FN are employed in a tactical environment with access to classified or unclassified US Systems or Coalition Systems. |
Fix Text (F-35162r4_fix) |
---|
There must be local written procedures for when there is a foreign national request to access to U.S. systems. Foreign Nationals must only hold IT positions authorized by regulation. IAW DoD 8570.01-M: C3.2.4.8.2. ...LNs and Foreign Nationals (FNs) must comply with background investigation requirements and cannot be assigned to IAT Level III positions. TACTICAL ENVIRONMENT: This check is applicable where REL partners/LN/FN are employed in a tactical environment with access to classified or unclassified US Systems or Coalition Systems |