Position of Trust - Knowledge of Responsibility to Self Report Derogatory Information
An XCCDF Rule
Description
<VulnDiscussion>Failure to inform personnel of the expected standards of conduct while holding a position of trust and their responsibility to self-report derogatory information to the organization security manager can result in conduct by the individual that will require them being removed from that position REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND); Enclosure A, paragraph 7.f. and Enclosure C, paragraph 4.e. and 5. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PS-1, PS-6, AT-1, AT-3 and PL-4. DOD 5220.22-M (NISPOM), Incorporating Change 2, 18 May 2016, Chapter paragraphs 3-107.d. and 3-108. DOD Manual 5200.02, Procedures for the DOD Personnel Security Program (PSP), April 3, 2017, Paragraphs 7.4. ADJUDICATIVE GUIDELINES, 9.2., 11.2. a. (1), (2), (3) and b. 12.1. White House Memorandum and Intelligence Community Policy Guidance 704.2, December 29, 2005, Subject: Adjudicative Guidelines DOD 5200.2-R, Personnel Security Program, Chapter 9, paragraph C9.1.4 - Individual Responsibility (rescinded but provided for purpose of historical reference).</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-245852r917359_rule
- Severity
- Low
- Updated
Remediation - Manual Procedure
Ensure that Individuals are familiar with pertinent personnel security regulations, such as DOD Manual 5200.02 and are aware of standards of conduct required of persons holding positions of trust, including (and especially) the requirement to report derogatory information to their local security manager.
Compliance can be validated by:
1. Ensuring that organizational personnel security initial and annual refresher training records include the topic of standards of conduct for individuals holding a security clearance in addition to covering each individual's responsibility to self-report derogatory information to their security manager.