STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Application Security and Development Security Technical Implementation Guide

V-222623

CAT II (Medium)

The ISSO must report all suspected violations of IA policies in accordance with DoD information system IA procedures.

Rule ID

SV-222623r961863_rule

STIG

Application Security and Development Security Technical Implementation Guide

Version

V6R4

CCIs

CCI-000149

Discussion

Violations of IA policies must be reviewed and reported. If there are no policies regarding the reporting of IA violations, IA violations may not be tracked or addressed in a proper manner.

Check Content

Interview the application representative and review the SOPs to ensure that violations of IA policies are analyzed and reported.
 
If there is no policy for reporting IA violations, this is a finding.

Fix Text

Create and maintain a policy to report IA violations.