Establish the rules that describe their responsibilities and expected behavior, for information and system usage, for individuals requiring access to the system.
No STIG checks reference this CCI.