Title

An IA policy and information library must be maintained. (Cat III impact)

Discussion

The site ISSO will ensure an up-to-date IA policy and information library is maintained to ensure current DoD guidance is available for reference. The library must include current network, voice, and policy documents published by the Chairman of the Joint Chiefs of Staff, DoD CIO's office, applicable STIGs and SRGs, accreditation certification, and other relevant documents.

Check Content

Review site documentation to confirm an IA policy and information library is maintained. If an IA policy and information library is not maintained, this is a finding.

Fix Text

Implement an IA policy and information library and maintain it with current DoD and other relevant policy.

Additional Identifiers

Rule ID: SV-8441r2_rule

Vulnerability ID: V-7955

Group Title: Maintain security library

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.