Check: WIR-SPP-006-02
Mobile Device Policy STIG (STIG):
WIR-SPP-006-02
(in version v2 r6)
Title
Mobile users must complete required training annually. (Cat III impact)
Discussion
Users are the first line of security controls for mobile device systems. They must be trained in using mobile device security controls or the system could be vulnerable to attack. If training is not renewed on an annual basis, users may not be informed of new security procedures or may forget previously trained procedures, which could lead to an exposure of sensitive DoD information.
Check Content
This requirement applies to mobile operating system (OS) mobile devices. All mobile device users must receive required training annually. If training records do not show users receiving required training at least annually, this is a finding.
Fix Text
Complete required training annually for all mobile device users.
Additional Identifiers
Rule ID: SV-36045r6_rule
Vulnerability ID: V-28317
Group Title: Annual training required
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |