STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:

Position of Trust - Local Policy Covering Employee Personal Standards of Conduct and Responsibilities

DISA Rule

SV-42677r3_rule

Vulnerability Number

V-32340

Group Title

Position of Trust - Local Policy Covering Employee Personal Standards of Conduct Responsibilities

Rule Version

PE-01.03.02

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Ensure that a local policy exists and is readily available to employees that informs them about pertinent security regulations and standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager.

SOPs should be readily available to all employees in a common reading library or more efficiently, accessible on line in a common file or organization intranet.

Check Contents

Check to ensure that a local policy exists and is readily available to employees that informs them about pertinent security regulations and standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager.

SOPs should be readily available to all employees in a common reading library or more efficiently, accessible on line in a common file or organization intranet.

TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments where procedural documents (SOPs) should be in place. Not applicable to a field/mobile environment.

Vulnerability Number

V-32340

Documentable

False

Rule Version

PE-01.03.02

Severity Override Guidance

Check to ensure that a local policy exists and is readily available to employees that informs them about pertinent security regulations and standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager.

SOPs should be readily available to all employees in a common reading library or more efficiently, accessible on line in a common file or organization intranet.

TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments where procedural documents (SOPs) should be in place. Not applicable to a field/mobile environment.

Check Content Reference

M

Target Key

2506

Comments