STIGQter STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 23 Oct 2020:

The ISSO must report all suspected violations of IA policies in accordance with DoD information system IA procedures.

DISA Rule

SV-222623r508029_rule

Vulnerability Number

V-222623

Group Title

SRG-APP-000516

Rule Version

APSC-DV-002920

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Create and maintain a policy to report IA violations.

Check Contents

Interview the application representative and review the SOPs to ensure that violations of IA policies are analyzed and reported.

If there is no policy for reporting IA violations, this is a finding.

Vulnerability Number

V-222623

Documentable

False

Rule Version

APSC-DV-002920

Severity Override Guidance

Interview the application representative and review the SOPs to ensure that violations of IA policies are analyzed and reported.

If there is no policy for reporting IA violations, this is a finding.

Check Content Reference

M

Target Key

4093

Comments