STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020: STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:SV-42288r3_rule
V-31989
Handling of Classified - Use of Cover Sheets on Documents
IS-07.03.02
CAT III
10
Ensure classified handling procedures address use of cover sheets on classified documents printed from systems such as SIPRNet, when the documents are removed from secure storage.
Address use of cover sheets during initial and annual refresher security training.
Periodically check areas for use of cover sheets.
While not required by regulation it is good security practice to use document cover sheets in a SCIF, Secret or TS vault or secure room to prevent inadvertent access to classified information by persons without need-to-know and uncleared visitors to such classified areas.
During the review/walk-around be observant for classified documents without cover sheets. Unless an employee is specifically working on the document - a cover sheet must be placed on it to ensure classified information is not inadvertently exposed. If the document without a cover sheet is located in a SCIF, Secret or TS vault or secure room - this should not be written as a finding; however, highly recommend use of cover sheets as a best security practice for enforcement of need-to-know. If the document w/o cover sheet is found in a Secret Controlled Access Area (CAA) or below, this should be made a finding.
TACTICAL ENVIRONMENT: The check is applicable for fixed tactical classified processing environments. It is assumed the type of equipment referenced will be in a fixed environment. Not applicable to a field/mobile environment.
V-31989
False
IS-07.03.02
During the review/walk-around be observant for classified documents without cover sheets. Unless an employee is specifically working on the document - a cover sheet must be placed on it to ensure classified information is not inadvertently exposed. If the document without a cover sheet is located in a SCIF, Secret or TS vault or secure room - this should not be written as a finding; however, highly recommend use of cover sheets as a best security practice for enforcement of need-to-know. If the document w/o cover sheet is found in a Secret Controlled Access Area (CAA) or below, this should be made a finding.
TACTICAL ENVIRONMENT: The check is applicable for fixed tactical classified processing environments. It is assumed the type of equipment referenced will be in a fixed environment. Not applicable to a field/mobile environment.
M
2506