U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Microsoft Project 2016 STIG Version 1, Release 2 Checklist Details (Checklist Revisions)

Supporting Resources:


Target CPE Name
Microsoft Project 2016 cpe:/a:microsoft:project:2016 (View CVEs)

Checklist Highlights

Checklist Name:
Microsoft Project 2016 STIG
Checklist ID:
Version 1, Release 2
Review Status:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:

Checklist Summary:

This Microsoft Project 2016 Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Microsoft Project 2016 application. The Microsoft Office System 2016 STIG must also be applied when any Office 2016 package is installed. This document is a requirement for all DoD-administered systems and all systems connected to DoD networks. These requirements are designed to assist Security Managers (SMs), Information System Security Managers (ISSMs), Information System Security Officers (ISSOs), and System Administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.

Checklist Role:

  • Desktop Client
  • Office Software

Known Issues:

Not provided.

Target Audience:

Developed for the DOD. This checklist has been created for IT professionals, particularly Windows system administrators and information security personnel. The document assumes that the reader has experience installing and administering applications on Windows-based systems in domain or standalone configurations.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DOD Directive 8500.1


Not provided.


Not provided.

Product Support:


Point of Contact:



Not provided.


Not provided.

Change History:

Updated to FINAL - 02/13/2017
Updated URL to reflect change to the DISA website - http --> https
Updated to FINAL - 09/07/2017
Added GPOs - 8/6/18
Updated to FINAL - 9/6/2018
Updated GPO Resource - 11/29/2018
Corrected SHA for GPO file - 12/19/2018
Updated URLs - 6/11/19
Removed Unsupported Content Link 8/30/2019
removed GPO file - 12/13/19
Added GPO file per DISA - 8/5/2020
Updated Benchmark per DISA - 8/11/2020
Updated Title per DISA - 8/19/2020
benchmark removed per DISA - 9/4/2020
updated GPO file - 10/29/2020
Updated GPO per DISA 5/3/22
Updated GPO per DISA - 5/31/22
Updated GPO per DISA - 8/1/22
updated GPO file - 11/7/2022
updated GPO file - 1/31/2023
Updated GPO per DISA - 5/1/23
Updated GPO per DISA - 7/31/23
Updated GPO per DISA - 8/21/23
Updated GPO per DISA - 11/2/23
Corrected SHA discrepancy - 11/3/2023
updated GPO package - 1/31/24
SHA - 2/7/24
Updated Resources - 06/10/2024


URL Description


Reference URL Description

NIST checklist record last modified on 06/10/2024