Documentation - V-245778

V-245778

Traditional Security Checklist

CAT II

Title

Information Assurance - Accreditation Documentation

Description

<VulnDiscussion>Failure to provide the proper documentation can lead to a system connecting without all proper safeguards in place, creating a threat to the networks. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Encl A, para 2.; Encl B, para 6.f.; Encl C, para 3, 6.d.(2), 20.e.(1)(a)&(b), 24.e and 18a . NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: PM-1, PM-9, PM-10, AC-3 AC 3(1), AC 3(2), AC-20, RA-2 and CA-6 DODI 850...

Fix Text (Documentation Requirement)

1. A current accreditation document approved by the AO must be available for all systems and applications connected to the DODIN. 2. Copies of the original accreditation documentation along with any subsequent modifications must be available for review. 3. The Approval to Operate (ATO) or Interim Approval to Operate (IATO) must be up to date and must be signed by the current Approving Authority. 4. Check to ensure the site provided the DISN Connection Approval Office (CAO) current certification documentation IAW CAO guidance. 5. Check to ensure the site also has notified the CAO of any changes/modification to the approved architecture. 6. Check to ensure the Approval to Connect (ATC) or Interim Approval to Connect (IATC) for both SIPRNet/NIPRNet are current.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel