The ISSO must report all suspected violations of IA policies in accordance with DoD information system IA procedures.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-222623 | SRG-APP-000516 | APSC-DV-002920 | SV-222623r961863_rule | 2025-02-12 | 6 |
| Description |
|---|
| Violations of IA policies must be reviewed and reported. If there are no policies regarding the reporting of IA violations, IA violations may not be tracked or addressed in a proper manner. |
| ℹ️ Check |
|---|
| Interview the application representative and review the SOPs to ensure that violations of IA policies are analyzed and reported. If there is no policy for reporting IA violations, this is a finding. |
| ✔️ Fix |
|---|
| Create and maintain a policy to report IA violations. |