UCF STIG Viewer Logo

Position of Trust - Local Policy Covering Employee Personal Standards of Conduct and Responsibilities


Overview

Finding ID Version Rule ID IA Controls Severity
V-245853 PE-01.03.02 SV-245853r822918_rule Low
Description
Failure to inform personnel of the expected standards of conduct while holding a position of trust can result in conduct by the individual that will require them being removed from that position and/or result in an untrustworthy person continuing in a position of trust without proper vetting of new derogatory information. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND); Enclosure A, paragraph 7.f. and Enclosure C, paragraph 4.e. and 5. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PS-1, PS-6, AT-1, AT-3 and PL-4. DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter paragraphs 3-107.d. and 3-108. DoD Manual 5200.02, Procedures for the DoD Personnel Security Program (PSP), April 3, 2017, Paragraphs 7.4. ADJUDICATIVE GUIDELINES, 9.2., 11.2. a. (1), (2), (3) and b. 12.1. White House Memorandum and Intelligence Community Policy Guidance 704.2, December 29, 2005, Subject: Adjudicative Guidelines DoD 5200.2-R, Personnel Security Program, Chapter 9, paragraph C9.1.2 - Management Responsibility (rescinded but provided for purpose of historical perspective/reference).
STIG Date
Traditional Security Checklist 2022-09-22

Details

Check Text ( C-49284r770219_chk )
Check to ensure that a local policy exists and is readily available to employees that informs them about pertinent security regulations and standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager.

SOPs should be readily available to all employees in a common reading library or more efficiently, accessible on line in a common file or organization intranet.

TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments where procedural documents (SOPs) should be in place. Not applicable to a field/mobile environment.
Fix Text (F-49239r770220_fix)
Ensure that a local policy exists and is readily available to employees that informs them about pertinent security regulations and standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager.

SOPs should be readily available to all employees in a common reading library or more efficiently, accessible on line in a common file or organization intranet.