STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

RA-5 (5)

Risk AssessmentRev 5organization

Vulnerability Monitoring and Scanning

Baselines:ModerateHigh

Control Statement

Implement privileged access authorization to [Assignment: system components] for [Assignment: vulnerability scanning activities].

Supplemental Guidance

In certain situations, the nature of the vulnerability scanning may be more intrusive, or the system component that is the subject of the scanning may contain classified or controlled unclassified information, such as personally identifiable information. Privileged access authorization to selected system components facilitates more thorough vulnerability scanning and protects the sensitive nature of such scanning.

CCI Identifiers (3)

CCI-002906Defines the vulnerability scanning activities in which the system implements privileged access authorization to organization-identified system components.CCI-001067Implement privileged access authorization to organization-identified system components for organization-defined vulnerability scanning activities.CCI-001645The organization identifies the information system components to which privileged access is authorized for selected organization-defined vulnerability scanning activities.

Linked STIG Checks (9)

Across 9 STIGs. Click to expand.