UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Handling of Classified Documents, Media, Equipment - Written Procedures for when classified material/equipment is removed from a security container and/or secure room.


Overview

Finding ID Version Rule ID IA Controls Severity
V-31988 IS-07.03.01 SV-42287r2_rule PESP-1 PESS-1 Low
Description
Failure to develop procedures and to train employees on protection of classified when removed from storage could lead to the loss or compromise of classified or sensitive information due to a lack of employee knowledge of requirements.
STIG Date
Traditional Security 2013-07-11

Details

Check Text ( C-40626r7_chk )
1. Check there are written procedures for handling classified material/equipment when removed from a security container and/or secure room. These procedures must thoroughly cover all aspects of protection and storage of classified materials and be made readily available to each employee via electronic means, such as in space on an organizational intranet, shared folders or other means available. (CAT III)

2. Check training logs (initial and annual refresher) that all employees granted access to classified are briefed on proper handling procedures e.g., use of cover sheets, maintaining positive control of the material, marking/labeling, access by vendors, determining clearance and need-to-know before release, reproduction, etc. (CAT III)

TACTICAL ENVIRONMENT: The check is applicable for fixed tactical classified processing environments. Not applicable to a field/mobile environment.
Fix Text (F-35917r7_fix)
There must be written procedures for handling classified material/equipment when removed from approved storage (security container and/or secure room, vault, collateral classified open storage area or SCIF).

The procedures must be readily available to each employee via electronic means, such as in space on an organizational intranet, shared folders or other means available

Training logs (initial and annual refresher) must reflect that all employees granted access to classified are briefed on proper handling procedures e.g., use of cover sheets, maintaining positive control of the material, marking/labeling, access by vendors, determining clearance and need-to-know before release, reproduction, etc.