Chapter 10

Addressing Rules of Behavior


Rules of Behavior define user responsibilities and expected behavior. Users are expected to read and acknowledge the rules of behavior before access to a system is granted. Rules should be unique for a specific information system. The acknowledgment may take the form of a signed, hard copy document. More often, the acknowledgment occurs digitally when a user first accesses the system. Rules of behavior may be different for internal users and external users. Rules may define specific requirements for accessing system resources. For example, approved Web browsers with appropriate security capability may be required. It is the user’s responsibility to comply with this requirement. Agencies might require ...

Get FISMA Compliance Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.