Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Traditional Security Checklist
ID-01.02.01
Industrial Security - DD Form 254
Industrial Security - DD Form 254
An XCCDF Rule
Details
Profiles
Prose
Industrial Security - DD Form 254
Medium Severity
<VulnDiscussion>Failure to complete a DD Form 254 (Contract Security Classification Specification) or to specify security clearance and/or IT requirements for all contracts that require access to classified material can result in unauthorized personnel having access to classified material or mission failure if personnel are not authorized the proper access. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Encl A, Para 11, Encl B, para 4.h & 4.i., Encl C, para 5. (a, b & c), Encl C, para 26.g. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PE-2, PE-2(1), PE-3, PE-8, , PS-3(1), PS-6(2), PS-7 DOD Manual 5200.01, Volume 4, SUBJECT: DOD Information Security Program: Controlled Unclassified Information (CUI), Encl 3, para 1.e. DOD Manual 5200.01, Volume 3, SUBJECT: DOD Information Security Program: Protection of Classified Information, Encl 2, para 18.i. DOD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter 8, paragraph 8-302.a., b., g.& j, and paragraph 8-303.a and b. DOD Manual 5200.48 Controlled Unclassified Information (CUI) DOD Manual 5220.22, Volume 2, National Industrial Security Program: Industrial Security Procedures for Government Activities, 1 August 2018, Section 3, paragraph 3.4.a. and Section 6. DOD Instruction 8510.01, SUBJECT: Risk Management Framework (RMF) for DOD Information Technology (IT): Encl 2, para 7.l., Encl 3, para 3.b.(3), Encl 6, para 1.b.(5)(a)&(c)&(d) and para 2.c(c). DOD Instruction 8500.01, SUBJECT: Cybersecurity: Encl 2, para 13.i., j & l. and Encl 3, para 7.f., k., & l, para 9.b(4) and para 10.d. CJCSI 6211.02D, DEFENSE INFORMATION SYSTEMS NETWORK (DISN) RESPONSIBILITIES, Encl B, para 2.c.(7) and para 7., Encl C, para 6.b(7)(a) &(b), Encl D, para 2.j. DOD 8570.01-M, Information Assurance Workforce Improvement Program, paragraphs: C1.4.4.5, C1.4.4.12., C2.3.9., C3.2.4.4., C3.2.4.8., C3.2.4.8.1., C4.2.3.7.1., C7.3.4., C10.2.3.7.1., C11.2.4.7.1.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>