Free DISA STIG and SRG Library | Vaulted

V-28317

Mobile users must complete required training annually.

Finding ID
WIR-SPP-006-02
Rule ID
SV-36045r5_rule
Severity
Cat III
CCE
(None)
Group Title
Annual training required
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

Users are the first line of security controls for CMD systems. They must be trained in using CMD security controls or the system could be vulnerable to attack. If training is not renewed on an annual basis, users may not be informed of new security procedures or may forget previously trained procedures, which could lead to an exposure of sensitive DoD information.

Fix Text

Complete required training annually for all CMD users.

Check Content

This requirement applies to mobile operating system (OS) CMDs. All CMD users must receive required training annually. If training records do not show users receiving required training at least annually, this is a finding.

Responsibility

System Administrator

IA Controls

PETN-1