STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:

Information Assurance - SIPRNET Connection Approval Process (CAP)

DISA Rule

SV-41178r3_rule

Vulnerability Number

V-31091

Group Title

Information Assurance - SIPRNET CAP

Rule Version

IA-09.02.01

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

1. The DISN Connection Approval Office (CAO) must be provided with current certification documentation IAW CAO guidance.

2. The CAO must be notified in writing of any changes/modification to the approved architecture.

3. The approval to connect (ATC) or Interim Approval to Connect (IATC) must be current.

Check Contents

1. Check to ensure the site provided the DISN Connection Approval Office (CAO), current certification documentation IAW CAO guidance.

2. In addition check to ensure the site also has notified the CAO of any changes/modification to the approved architecture.

3. Check to ensure the approval to connect (ATC) or Interim Approval to Connect (IATC) is current.

TACTICAL ENVIRONMENT: The check is applicable. The ATC and associated documentation should be found in a fixed HQ location where the ISSM/ISSO are located. When possible, documentation should be requested/sought before departing on trips to tactical locations. Copies sent to the reviewers email (NIPR or SIPR depending on classification of document) can be used to validate compliance.

Information Assurance - SIPRNET Connection Approval Process (CAP)

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments