Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-245854 | PE-01.03.03 | SV-245854r822919_rule | Low |
Description |
---|
Failure to inform personnel of the expected standards of conduct while holding a position of trust can result in conduct by the individual that will require them being removed from that position or result in a person no longer meeting standards criteria continuing to hold a position of trust without proper vetting for suitability. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND); Enclosure A, paragraph 7.f. & 11. and Enclosure C, paragraph 4.e. & 5. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PS-1, PS-6, AT-1, AT-3 and PL-4. DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter 1, Section 2, paragraph 1-205 and Chapter 3. DoD Manual 5200.02, Procedures for the DoD Personnel Security Program (PSP), April 3, 2017, Paragraphs 9.2.,11.2.a. and 12.1. DoD 5200.2-R, Personnel Security Program, Chapter 2, paragraph C2.2., Chapter 9, paragraphs C9.1.4. & C9.2.3. (rescinded but provided for purpose of historical perspective/reference). DoD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter 1, Section 2, paragraph 1-205 and Chapter 3. DoD Manual 5200.02, Procedures for the DoD Personnel Security Program (PSP), April 3, 2017, Paragraphs 9.2.,11.2.a. and 12.1. |
STIG | Date |
---|---|
Traditional Security Checklist | 2023-05-31 |
Check Text ( C-49285r770222_chk ) |
---|
General Information: The effectiveness of an individual in meeting security responsibilities is proportional to the degree to which the individual understands them. Thus, an integral part of the DoD security program is the indoctrination and continuous training of individuals on their security responsibilities. CHECK to ensure that Standards of Conduct and Personal Responsibilities are covered in initial, annual refresher and termination training/briefings. TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments where procedural documents (SOPs) should be in place. Not applicable to a field/mobile environment. |
Fix Text (F-49240r770223_fix) |
---|
General Information: The effectiveness of an individual in meeting security responsibilities is proportional to the degree to which the individual understands them. Thus, an integral part of the DoD security program is the indoctrination and continuous training of individuals on their security responsibilities. FIX: Ensure that Standards of Conduct and Personal Responsibilities are covered in initial, annual refresher and termination training/briefings. |