NVD

NIST Special Publication 800-53 (Rev. 4)

Security and Privacy Controls for Federal Information Systems and Organizations

PS-2 POSITION RISK DESIGNATION

Family:

Personnel Security

Class:

Priority:

P1 - Implement P1 security controls first.

Baseline Allocation:

Low	Moderate	High
PS-2	PS-2	PS-2

Control Description

The organization:

a. Assigns a risk designation to all organizational positions;

b. Establishes screening criteria for individuals filling those positions; and

c. Reviews and updates position risk designations [Assignment: organization-defined frequency].

Supplemental Guidance

Position risk designations reflect Office of Personnel Management policy and guidance. Risk designations can guide and inform the types of authorizations individuals receive when accessing organizational information and information systems. Position screening criteria include explicit information security role appointment requirements (e.g., training, security clearances).

Related to: AT-3 , PL-2 , PS-3

Control Enhancements

None.

References

5 C.F.R. 731.106	http://www.gpo.gov/fdsys/granule/CFR-2012-title5-vol2/CFR-2012-title5-vol2-sec731-106/content-detail.html

800-53 (Rev. 4)

Security Controls: Low-Impact; Moderate-Impact; High-Impact
Other Links: Families; Search

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database