HOME

SI-4 (19)

SI-4 (19) H
Description

The organization implements [Assignment: organization-defined additional monitoring] of individuals who have been identified by [Assignment: organization-defined sources] as posing an increased level of risk.

DISA Cloud Computing SRG

Not appropriate for DoD to define for all CSP's infrastructure or service offerings

Not appropriate for DoD to define for all CSP's infrastructure or service offerings

Source:
DoD RMF TAG

Supplemental Guidance

Indications of increased risk from individuals can be obtained from a variety of sources including, for example, human resource records, intelligence agencies, law enforcement organizations, and/or other credible sources. The monitoring of individuals is closely coordinated with management, legal, security, and human resources officials within organizations conducting such monitoring and complies with federal legislation, Executive Orders, policies, directives, regulations, and standards.