Position of Trust - Knowledge of Responsibility to Self Report Derogatory Information

From Traditional Security

Part of Position of Trust - Knowledge of Responsibility to Report Derogatory Information

Associated with IA controls: PRRB-1

SV-42673r2_rule Position of Trust - Knowledge of Responsibility to Self Report Derogatory Information

Vulnerability discussion

Failure to inform personnel of the expected standards of conduct while holding a position of trust and their responsibility to self-report derogatory information to the organization security managercan result in conduct by the individual that will require them being removed from that position.

Check content

Checks: Check to ensure that Individuals are familiar with pertinent personnel security regulations, such as DoD 5200.2-R and are aware of standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager. This check must be based upon the results of a general survey of multiple employees rather than a single instance of an employee who is not familiar with personal responsibilites. TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments AND is applicable to a field/mobile environment.

Fix text

Fix: Ensure that Individuals are familiar with pertinent personnel security regulations, such as DoD 5200.2-R and are aware of standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager. Recommend conducting a general survey of multiple employees to ascertain their familiarity with personal responsibilities.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer