Exposure to Unauthorized Personnel IR-9(4)

Overview:
The organization employs [Assignment: organization-defined security safeguards] for personnel exposed to information not within assigned access authorizations.

Supplemental Guidance:
Security safeguards include, for example, making personnel exposed to spilled information aware of the federal laws, directives, policies, and/or regulations regarding the information and the restrictions imposed based on exposure to such information.

Action Items:
1) Create a response procedure for information exposure to unauthorized personnel

Related Documents:
1) Incident Response Plan

Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none

Moderate Additional FedRAMP Requirements and Guidance
none