The organization documents the rationale for the execution of privileged commands and access to security-relevant information in the security plan for the information system.
No STIG checks reference this CCI.