Counter-Intelligence Program - Training, Procedures and Incident Reporting

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
low	V-245873	SM-03.03.01	SM-03.03.01	SV-245873r770281_rule	2024-08-09	2

Description
Failure to establish a good working relationship with the supporting/local CI agency and lack of proper CI training for site/organization employees could result in not being informed of local threats and warnings leaving the organization vulnerable to the threat and/or a delay in reporting a possible incident involving reportable FIE-Associated Cyberspace Contacts, Activities, Indicators, and Behaviors, which could adversely impact the Confidentiality, Integrity, or Availability (CIA) of the DISN. REFERENCES: DoDD 5240.06, Counterintelligence Awareness and Reporting (CIAR), 17 May 11, Incorporating Change 2, July 21, 2017 Enclosure 3 and Enclosure 4. para 4.a. Satisfies: Counter-Intelligence Program - Training, Procedures and Incident Reporting

Description

Failure to establish a good working relationship with the supporting/local CI agency and lack of proper CI training for site/organization employees could result in not being informed of local threats and warnings leaving the organization vulnerable to the threat and/or a delay in reporting a possible incident involving reportable FIE-Associated Cyberspace Contacts, Activities, Indicators, and Behaviors, which could adversely impact the Confidentiality, Integrity, or Availability (CIA) of the DISN. REFERENCES: DoDD 5240.06, Counterintelligence Awareness and Reporting (CIAR), 17 May 11, Incorporating Change 2, July 21, 2017 Enclosure 3 and Enclosure 4. para 4.a. Satisfies: Counter-Intelligence Program - Training, Procedures and Incident Reporting

ℹ️ Check
Background Information: It is DoD policy that: a. Initial and annual CI awareness and reporting (CIAR) training on the foreign intelligence entity (FIE) threat, methods, reportable information, and reporting procedures shall be provided to DoD personnel as outlined in Enclosure 3 of DoDD 5240.06, 17 May 11 . b. Potential FIE threats to the DoD, its personnel, information, materiel, facilities, and activities, or to U.S. national security shall be reported by DoD personnel in accordance with Enclosure 4 of DoDD 5240.06. c. Failure to report FIE threats as identified in paragraph 3.a and section 5 of Enclosure 4 of DoDD 5240.06 may result in judicial or administrative action or both pursuant to applicable law or policy. Checks: Check #1. Check to ensure all assigned site/organization personnel have received both initial and annual CIAR training in accordance with DoDD 5240.06. Check #2. Check to ensure there are procedures for reporting possible threat information and that local threat assessments and warnings received are properly shared with the work force. TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments. Not applicable to a field/mobile environment.

ℹ️ Check

Background Information: It is DoD policy that: a. Initial and annual CI awareness and reporting (CIAR) training on the foreign intelligence entity (FIE) threat, methods, reportable information, and reporting procedures shall be provided to DoD personnel as outlined in Enclosure 3 of DoDD 5240.06, 17 May 11 . b. Potential FIE threats to the DoD, its personnel, information, materiel, facilities, and activities, or to U.S. national security shall be reported by DoD personnel in accordance with Enclosure 4 of DoDD 5240.06. c. Failure to report FIE threats as identified in paragraph 3.a and section 5 of Enclosure 4 of DoDD 5240.06 may result in judicial or administrative action or both pursuant to applicable law or policy. Checks: Check #1. Check to ensure all assigned site/organization personnel have received both initial and annual CIAR training in accordance with DoDD 5240.06. Check #2. Check to ensure there are procedures for reporting possible threat information and that local threat assessments and warnings received are properly shared with the work force. TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments. Not applicable to a field/mobile environment.

✔️ Fix
Background Information: It is DoD policy that: a. Initial and annual CI awareness and reporting (CIAR) training on the foreign intelligence entity (FIE) threat, methods, reportable information, and reporting procedures shall be provided to DoD personnel as outlined in Enclosure 3 of DoDD 5240.06, 17 May 11 . b. Potential FIE threats to the DoD, its personnel, information, materiel, facilities, and activities, or to U.S. national security shall be reported by DoD personnel in accordance with Enclosure 4 of DoDD 5240.06. c. Failure to report FIE threats as identified in paragraph 3.a and section 5 of Enclosure 4 of DoDD 5240.06 may result in judicial or administrative action or both pursuant to applicable law or policy. Fixes: Ensure all assigned site/organization personnel have received both initial and annual CIAR training in accordance with DoDD 5240.06. Further, ensure there are procedures for reporting possible threat information and that local threat assessments and warnings received are properly shared with the work force.

✔️ Fix

Background Information: It is DoD policy that: a. Initial and annual CI awareness and reporting (CIAR) training on the foreign intelligence entity (FIE) threat, methods, reportable information, and reporting procedures shall be provided to DoD personnel as outlined in Enclosure 3 of DoDD 5240.06, 17 May 11 . b. Potential FIE threats to the DoD, its personnel, information, materiel, facilities, and activities, or to U.S. national security shall be reported by DoD personnel in accordance with Enclosure 4 of DoDD 5240.06. c. Failure to report FIE threats as identified in paragraph 3.a and section 5 of Enclosure 4 of DoDD 5240.06 may result in judicial or administrative action or both pursuant to applicable law or policy. Fixes: Ensure all assigned site/organization personnel have received both initial and annual CIAR training in accordance with DoDD 5240.06. Further, ensure there are procedures for reporting possible threat information and that local threat assessments and warnings received are properly shared with the work force.