IR-9(4)

  • Requirement

    Employ the following controls for personnel exposed to information not within assigned access authorizations: [Assignment: organization-defined controls].

  • Discussion

    Controls include ensuring that personnel who are exposed to spilled information are made aware of the laws, executive orders, directives, regulations, policies, standards, and guidelines regarding the information and the restrictions imposed based on exposure to such information.

More Info

  • Title

    Information Spillage Response | Exposure to Unauthorized Personnel
  • Family

    Incident Response
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!