DISA STIGS Viewer - Foreign National (FN) Physical Access Control - Areas Containing US Only Information Systems Workstations/Monitor Screens, Equipment, Media or Documents

Foreign National (FN) Physical Access Control - Areas Containing US Only Information Systems Workstations/Monitor Screens, Equipment, Media or Documents

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-245765	FN-04.01.01	SV-245765r917327_rule		High

Description

STIG	Date
Traditional Security Checklist	2024-08-09

Details

Check Text (C-49196r917172_chk)

THIS REQUIREMENT PERTAINS TO CLASSIFIED ENVIRONMENTS such as Secret or higher vaults or classified open storage areas (secure rooms or SCIFs) WHERE FN partners ARE PRESENT with limited or no access to classified information /systems; in particular the SIPRNet. This is important to note, because without the FN presence in such an environment, placement of classified documents and classified removable media in safes when unattended would not normally be necessary/required.

CHECK #1: Check to ensure all classified and sensitive documents and removable storage media containing US Only information are either under the continuous observation and control of cleared US personnel or placed in an approved GSA container (Safe) when not in use and under proper US control. (CAT I)

The requirement in check #2 is complementary to the requirement covered in check #1. Unescorted access to areas where US Only classified equipment, documents and media are present must not be granted to any FN (regardless of clearance level) when cleared US personnel are not present to provide oversight.

CHECK #2: Check to ensure FN access to classified open storage areas (includes vaults, secure rooms, and SCIFs) containing SIPRNet assets is permitted only during normal working hours when US personnel are present to provide oversight. (CAT I)

TACTICAL ENVIRONMENT: This check is applicable where REL partners/LN/FN are employed within fixed facilities in a tactical environment with access to US Systems.

Fix Text (F-49151r917173_fix)

This fix pertains to mixed classified environments containing US Only systems and media where FN partners are present:

1. All classified and sensitive documents and removable storage media containing US Only information must either be under the continuous observation and control of cleared US personnel or placed in an approved GSA container (Safe) when not in use and under proper US control.

2. Foreign National (FN) access to classified open storage areas (includes vaults, secure rooms, and SCIFs) must be permitted only during normal working hours when US personnel are present to provide oversight.

NOTE: DODM 8570 requirements will be met until full implementation of DODM 8140.03 requirements. Implementation dates for DOD Manual 8140.03 include a two-year timeline for personnel (civilian and military) in positions coded with cybersecurity work roles and three years for personnel (civilian and military) in positions coded with work roles in any other workforce element. The dates for required qualification would be 15 February 2025 for cybersecurity work roles and the same date in February 2026 for all Defense Cyber Workforce Framework work roles.