home || catalog: SP800-53rev3 / class: Operational / family: (PS) Personnel Security ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS

PS-01
PS-02
PS-03 *
PS-04
PS-05
PS-06
PS-07
PS-08

RA
SA
SC
SI
MMMMM

  PS-03: Personnel Screening  

base control objective:
The organization:
a. Screens individuals prior to authorizing access to organizational information and information systems; and
b. Rescreens individuals according to [Assignment: organization-defined list of conditions requiring rescreening and, where re-screening is so indicated, the frequency of such rescreening].

supplemental objective information:
Screening and rescreening are consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, guidance, and the criteria established for the risk designation of the assigned position. The organization may define different rescreening conditions and frequencies for personnel accessing organizational information systems based on the security categorization of the system.

enhancements to the base objective:

(1) The organization ensures that every user accessing an information system processing, storing, or transmitting classified, national security information is cleared and indoctrinated to the highest classification level of the information on the system.

(2) The organization ensures that every user accessing an information system processing, storing, or transmitting Sensitive Compartmented Information (SCI) is cleared to the highest classification level (i.e., Top Secret) and formally indoctrinated for the SCI compartments of the information on the system.

mapping to FIPS199 baseline:

  LOW: base     MOD: base     HIGH: base  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for PS-03:

Document Date Status Title
NIST SP800-113 July, 2008 current   Guide to SSL VPNs
NIST SP800-12 October, 1995 current   An Introduction to Computer Security: The NIST Handbook
NIST SP800-76 September, 2006 DRAFT   Biometric Data Specification for Personal Identity Verification
NIST SP800-77 December, 2005 current   Guide to IPsec VPNs
NIST SP800-78 December, 2010 current   Cryptographic Algorithms and Key Sizes for Personal Identity Verification

Search SP800-53rev3 catalog: