STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← All Controls

PL-4

PlanningRev 5

Rules of Behavior

CCI Identifiers (12)

CCI-000592Establish the rules that describe their responsibilities and expected behavior, for information and system usage, for individuals requiring access to the system.CCI-000593Receive a documented acknowledgement from such individuals, indicating that they have read, understand, and agree to abide by the rules of behavior, before authorizing access to information and the system.CCI-001639The organization makes readily available to individuals requiring access to the information system the rules that describe their responsibilities and expected behavior with regard to information and information system usage.CCI-003068Review and update the rules of behavior in accordance with organization-defined frequency.CCI-003069Defines the frequency with which to review and update the rules of behavior.CCI-003070Require individuals who have acknowledged a previous version of the rules of behavior to read and re-acknowledge, on an organization-defined frequency, and/or when the rules of behavior are revised or updated.CCI-004284Establish the rules describing the responsibilities and expected behavior, for security, for individuals requiring access to the system.CCI-004285Establish the rules describing the responsibilities and expected behavior, for privacy, for individuals requiring access to the system.CCI-004286Provide the rules describing the responsibilities and expected behavior, for information and system usage, for individuals requiring access to the system.CCI-004287Provide the rules describing the responsibilities and expected behavior, for security, for individuals requiring access to the system.CCI-004288Provide the rules describing the responsibilities and expected behavior, for privacy, for individuals requiring access to the system.CCI-004289Defines the frequency individuals are required to read and re-acknowledge the rules of behavior whenever the rules are revised or updated.

Linked STIG Checks (0)

No STIG checks reference this control.