📢 New post: Is It Even in Your Boundary? CVE-2026-0257 and the Question a KEV Clock Asks First · 📝 Also fresh: 20x Is Permanent Now: The Rehearsal's Over, the Rules Land in June · 🚦 Beacon — the FedRAMP 20x KSI emitter — design partners open ✨ · 🆕 20x Hub: program reference, kept current · 🧪 Free tool: KSI Quick Check — paste, run, get the verdict

FedRAMP Controls / PS

PS-5 Personnel Transfer

Family PS
Baselines moderate
Mapped KSIs 2

Control statement

a. Review and confirm ongoing operational need for current logical and physical access authorizations to systems and facilities when individuals are reassigned or transferred to other positions within the organization;
    b. Initiate {{ insert: param, ps-05_odp.01 }} within {{ insert: param, ps-05_odp.02 }};
    c. Modify access authorization as needed to correspond with any changes in operational need due to reassignment or transfer; and
    d. Notify {{ insert: param, ps-05_odp.03 }} within {{ insert: param, ps-05_odp.04 }}.

Parameter placeholders {{ insert: param, … }} reference FedRAMP-set values in the resolved profile. Full parameter map is preserved in the catalog database.

Covered by these Key Security Indicators

KSITitleCategory
KSI-IAM-04Just-in-Time Authorization
Use a least-privileged, role and attribute-based, and just-in-time security authorization model for all user and non-user accounts and services.
Identity and Access Management
KSI-IAM-05Least Privilege
_Persistently_ ensure that identity and access management employs measures to ensure each user or device can only access the resources they need.
Identity and Access Management