WN12-00-000006 - Policy must require that system administrators (SAs) be trained for the operating systems used by systems under their control.


If SAs are assigned to systems running operating systems for which they have no training, these systems are at additional risk of unintentional misconfiguration that may result in vulnerabilities or decreased availability of the system.

NOTE: Please review the benchmark to ensure target compliance.


Establish site policy that requires SAs be trained for all operating systems running on systems under their control.

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.