223 of 234
First Highlight
Graphics, exponents, and equations will not display within the text file. A link to the PDF version of this section will be in this spot in the future.
CHAPTER VI
PERSONNEL SECURITY REQUIREMENTS
1. BASELINE REQUIREMENTS. The requirements of DOE 5631.2C, PERSONNEL
SECURITY PROGRAM, shall be met. All classified AISs shall have adequate
controls to ensure that personnel having access to the hardware,
software, or data have the proper security clearance, formal access
approvals, and need-to-know.
2. PERSONNEL ACCESS. Personnel who (a) operate the classified AIS, (b)
control access, or (c) design, develop, install, modify, service, or
maintain the security features that control user access or program
access to the classified AIS or to the operating system shall have been
cleared for access to the highest classification level and most
restrictive classification category of information for which the
classified AIS or any connected classified AIS is accredited. If it is
necessary for maintenance or other personnel who are not so cleared to
have temporary access to the classified AIS, they shall be escorted by a
trained classified AIS escort authorized by the CSSO.
3. USERS OF THE CLASSIFIED AIS.
a. Protection Index Zero, One, or Two. Personnel (including
application programmers) who are authorized access to the
classified AIS shall have been cleared for access to the highest
classification level and most restrictive classification category
of information processed, stored, transferred, or accessed in the
classified AIS.
b. Protection Index Three or Greater. Personnel (including
application programmers) who are authorized access to the
classified AIS shall have been cleared for access to the highest
classification level and most restrictive classification category
of information for which they are authorized and to which they have
access.
Top of Document