Vault/Secure Room Storage Standards - IDS Performance Verification

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-245811	IS-02.02.02	IS-02.02.02	SV-245811r1136699_rule	2025-12-04	2

Description
Failure to test IDS functionality on a periodic basis could result in undetected alarm sensor or other system failure. This in-turn could result in an undetected intrusion into a secure room (AKA: collateral classified open storage area) and the undetected loss or compromise of classified material. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraphs 24.j. and 34. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: MP-4, PE-5, PE-6(1), PE-8 and MA-6. DOD Manual 5200.01, Volume 3, SUBJECT: DOD Information Security Program: Protection of Classified Information: Appendix to Enclosure 3, paragraphs 2.c. and 2.e.(7). 32 CFR 117 and 32 CFR 2001 and 2003 as well as DOD Manual 5220.32 Volume 1 Testing and alarm verification procedures for specific sensors and other IDS equipment may be obtained from the Electronic Security Center (ESS), U.S. Army Engineering and Support Center, Huntsville, AL 35816: ESS Question? AskESSMCX@usace.army.mil

Description

Failure to test IDS functionality on a periodic basis could result in undetected alarm sensor or other system failure. This in-turn could result in an undetected intrusion into a secure room (AKA: collateral classified open storage area) and the undetected loss or compromise of classified material. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraphs 24.j. and 34. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: MP-4, PE-5, PE-6(1), PE-8 and MA-6. DOD Manual 5200.01, Volume 3, SUBJECT: DOD Information Security Program: Protection of Classified Information: Appendix to Enclosure 3, paragraphs 2.c. and 2.e.(7). 32 CFR 117 and 32 CFR 2001 and 2003 as well as DOD Manual 5220.32 Volume 1 Testing and alarm verification procedures for specific sensors and other IDS equipment may be obtained from the Electronic Security Center (ESS), U.S. Army Engineering and Support Center, Huntsville, AL 35816: ESS Question? AskESSMCX@usace.army.mil

ℹ️ Check
This check is concerned with verification of IDS functionality where IDS is used as a supplemental control for vaults or secure rooms/areas containing SIPRNet as well as other classified systems assets. Following are the required checks: Check #1. Checks of ALL individual alarm sensors (BMS, motion, glass break, etc.) will be conducted at least semi-annually. Check #2. Valid tests IAW best practices using government or industry standards and tools will be used to conduct the checks. Check #3. Written procedures will be developed for tests of each sensor type in use at a site. Check #4. Results of testing will be maintained on file for at least 1-year. TACTICAL ENVIRONMENT: This check is applicable where Vaults/Secure Rooms are used to protect classified materials or systems in a tactical environment. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.

ℹ️ Check

This check is concerned with verification of IDS functionality where IDS is used as a supplemental control for vaults or secure rooms/areas containing SIPRNet as well as other classified systems assets. Following are the required checks: Check #1. Checks of ALL individual alarm sensors (BMS, motion, glass break, etc.) will be conducted at least semi-annually. Check #2. Valid tests IAW best practices using government or industry standards and tools will be used to conduct the checks. Check #3. Written procedures will be developed for tests of each sensor type in use at a site. Check #4. Results of testing will be maintained on file for at least 1-year. TACTICAL ENVIRONMENT: This check is applicable where Vaults/Secure Rooms are used to protect classified materials or systems in a tactical environment. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.

✔️ Fix
Conduct verification of IDS functionality where IDS is used as a supplemental control for vaults or secure rooms/areas containing SIPRNet as well as other classified systems assets. Following are the required fixes: Fix #1. Ensure that checks of ALL individual alarm sensors (BMS, motion, glass break, etc.) are conducted at least semi-annually. Fix #2. Ensure that valid tests IAW best practices using government or industry standards and tools are used to conduct the checks. Fix #3. Ensure that written procedures are developed for tests of each sensor type in use at a site. Fix #4. Ensure that results of testing are maintained on file for at least one year.

✔️ Fix

Conduct verification of IDS functionality where IDS is used as a supplemental control for vaults or secure rooms/areas containing SIPRNet as well as other classified systems assets. Following are the required fixes: Fix #1. Ensure that checks of ALL individual alarm sensors (BMS, motion, glass break, etc.) are conducted at least semi-annually. Fix #2. Ensure that valid tests IAW best practices using government or industry standards and tools are used to conduct the checks. Fix #3. Ensure that written procedures are developed for tests of each sensor type in use at a site. Fix #4. Ensure that results of testing are maintained on file for at least one year.