Print Control Failure in Critical Information Systems: A Governance and Operational Security Perspective

This article analyses a print control failure involving the automatic release of a classified document on a shared network printer. The findings are particularly relevant for critical information systems supporting naval, maritime and defence organizations, where secure document handling contributes directly to operational continuity, information assurance and organizational resilience. The case examines a realistic scenario in which sensitive information is printed without user authentication at the device and remains unattended in the output tray. Using a structured technical-operational case study method, the paper reconstructs the incident, identifies assets and actors, classifies failures, assesses risk, and proposes corrective and preventive measures. The main finding is that the incident should not be reduced to an individual user error. It results from a weak control model combining automatic release, limited logging, insufficient physical protection, incomplete procedures, and predictable interruption of the authorised user. The article demonstrates that classified printing should be treated as a controlled release event rather than as a routine administrative process. The proposed response combines authenticated print release, user-linked audit logs, encrypted temporary queue retention, procedure revision, improved printer placement, periodic audit, and targeted training.