Reporting Requirements
Per NIST SP 800-53, “Position risk designations reflect Office of Personnel Management (OPM) policy and guidance. Proper position designation is the foundation of an effective and consistent suitability and personnel security program.”
Specifically, Per PS-2 of NIST SP 800-53, organizations are to “a. Assign a risk designation to all organizational positions; b. Establish screening criteria for individuals filling those positions; and c. Review and update position risk designations…” a personnel security policy and procedure. The keyword here is “establish”, which means you need a policy for PS-2.
Specifically, Per PS-2 of NIST SP 800-53, organizations are to “a. Assign a risk designation to all organizational positions; b. Establish screening criteria for individuals filling those positions; and c. Review and update position risk designations…” a personnel security policy and procedure. The keyword here is “establish”, which means you need a policy for PS-2.
How to Get Started
Start by downloading our world-class position risk designation policy and procedures template, along with additional NIST RMF information security and privacy policies and procedures at the Arlington Security Portal (ASP).
