Out-processing Procedures for Departing or Terminated Employees (Military, Government Civilian and Contractor)
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-245860 | PE-07.03.01 | SV-245860r822921_rule | Low |
| Description |
| STIG | Date |
| Traditional Security Checklist | 2024-08-09 |
Details
| Check Text (C-49291r770240_chk) |
| Check to ensure the organization has documented out-processing procedures. Review a sampling of personnel security files of departed personnel to ensure compliance. Files of departed personnel should be maintained by an organization for at least 90-days. Ensure the procedures and records of departed employees reviewed include: -Removal from access to Government Information Systems, - Turning in all access badges, classified and/or sensitive information, - Removal from automated entry control systems (AECS) and - Signing of an SF 312 acknowledging a security debriefing. NOTE: The SF 312 is only applicable for those persons holding a security clearance. TACTICAL ENVIRONMENT: The check is applicable for fixed (established) tactical processing environments where procedural documents (SOPs) and personnel records should be in place. Not applicable to a field/mobile environment. |
| Fix Text (F-49246r770241_fix) |
| Ensure there are local procedures covering the out-processing of departing employees (Military, Government Civilian and Contractor) and that records of departed employees on-hand reflect that out-processing was conducted. Out-processing records should be retained for a minimum of 90-days. Ensure that out-processing procedures and records include: -Removal from access to Government Information Systems, - Turning in all access badges, classified and/or sensitive information, - Removal from automated entry control systems (AECS) and - Signing of an SF 312 acknowledging a security debriefing. NOTE: The SF 312 is only applicable for those persons holding a security clearance. |