CMMC 2.0 • LEVEL 2 • PERSONNEL SECURITY

PS.L2-3.9.1Personnel Screening

Screen individuals prior to authorizing access to the system. Rescreen individuals in accordance with every 5 years for all personnel with CUI access, and immediately upon: credible derogatory information, significant change in duties, arrest or criminal charge, or adverse financial change indicating insider threat riskCMMC/STIG.

NIST 800-171 Mapping

NIST 800-53 Controls

PS-3PS-4PS-5

Assessment Objectives

  • individuals are screened prior to authorizing access to the system.
  • individuals are rescreened in accordance with the following conditions: every 5 years for all personnel with CUI access, and immediately upon: credible derogatory information, significant change in duties, arrest or criminal charge, or adverse financial change indicating insider threat riskCMMC/STIG.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

PS.L2-3.9.2 Personnel Termination and Transfer