OpenControls Logo

STIG Viewer

A secondary SharePoint site collection administrator must be defined when creating a new site collection.

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-223272SP13-00-000185SV-223272r961863_ruleCCI-000366low
Description
If a site reaches its maximum size, users will be denied access until an administrator fixes the problem. Having a secondary administrator reduces the risk of having a Denial-of-Service on a site. If the site reaches its maximum size, the secondary administrator can fix the problem if the primary administrator is not available. In some situations, having a secondary site administrator could be inappropriate for reasons of control or confidentiality.
STIGDate
Microsoft SharePoint 2013 Security Technical Implementation Guide2024-12-10

Related Frameworks

4 paths across 3 frameworks
NIST 800-531 mapping
CM-6
1.00
  • DISA · 2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
  • DISA · 2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
  • DISA · 2 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
  • DISA · 2 · disa_xccdf · related

Details

Check Text (C-223272r961863_chk)

Review the SharePoint server to ensure a secondary site collection administrator is defined when creating a new site collection. Log on to SharePoint Central Administration as a member of the Farm Administration Group. Click on "Application Management". Select "Site Collections" >> Change Site Collections Administrator. For each Site Collections, review Secondary Site Collection Administrator. If Secondary Site Collection Administrator is not defined, this is a finding.

Fix Text (F-24933r430874_fix)

Configure a secondary SharePoint site collection administrator when creating a new site collection. Log on to SharePoint Central Administration as a member of the Farm Administration Group. Click on "Application Management". Select "Site Collections" >> Change Site Collections Administrator. For each site, define a Secondary Site Collection Administrator. Select "OK".