Security and Information Assurance (IA) Staff Appointment, Training/Certification and Suitability

From Traditional Security

Part of Security and Information Assurance (IA) Staff Appointment, Training/Certification and Suitability

Associated with IA controls: DCSD-1, PRTN-1

SV-42942r2_rule Security and Information Assurance (IA) Staff Appointment, Training/Certification and Suitability

Vulnerability discussion

Failure to formally appoint security personnel and to detail responsibilities, training and other requirements in the appointment notices could result in a weakened security program, because critical security and information assurance personnel may not be fully aware of the scope of their duties and responsibilities, may not be properly trained, or may not meet the standards for appointment to their assigned positions.

Check content

Checks:

Check #1. Check to ensure there are appointment letters for all security staff members including the SM, DAA, IAM, IAOs, System Administrators, and NSO. (CAT III)

Check #2. Check to ensure the appointments are current and an appropriate authority has made the appointments. (CAT III)

Check #3. Check to ensure that pertinent duties, responsibilities, training/certification and other suitability requirements for the appointed positions are contained in the appointment order. (CAT III)

Check #4. Check supporting documentation to ensure that security staff have been properly trained and certified for the positions to which they are appointed and that they meet all applicable requirements for the positions. For instance the DAA and IAM must be US Citizens. (CAT II)

TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments. Not applicable to a field/mobile environment.

Fix text

Fixes:

1. Ensure there are appointment letters for all security staff and IA members including the SM, DAA, IAM, IAOs, System Administrators, and NSO.

2. Ensure the appointments are current and appropriate authorities have made the appointments.

3. Ensure that pertinent duties, responsibilities, training/certification and other suitability requirements for the appointed positions are contained in the appointment order.

4. Ensure that security staff have been properly trained and certified for the positions to which they are appointed and that they meet all applicable requirements for the positions. For instance the DAA and IAM must be US Citizens.
