PCF Compliance

Compliance with the requirements defined in this control are a deployer responsibility.

Control Description

The organization:

  1. Screens individuals prior to authorizing access to the information system; and
  2. Rescreens individuals according to [Assignment: organization-defined conditions requiring rescreening and, where rescreening is so indicated, the frequency of such rescreening].

Supplemental Guidance

Personnel screening and rescreening activities reflect applicable federal laws, Executive Orders, directives, regulations, policies, standards, guidance, and specific criteria established for the risk designations of assigned positions. Organizations may define different rescreening conditions and frequencies for personnel accessing information systems based on types of information processed, stored, or transmitted by the systems.

check-circle-line exclamation-circle-line close-line
Scroll to top icon