Title

A Secure WLAN (SWLAN) connected to the SIPRNet must have a SIPRNet connection approval package on file with the Classified Connection Approval Office (CCAO). (Cat I impact)

Discussion

The CCAO approval process provides assurance that the SWLAN use is appropriate and does not introduce unmitigated risks into the SIPRNET.

Check Content

Review documentation. Verify the SWLAN system CCAO approval documentation exists and has been approved and has a SIPRNet Interim Approval to Operate (IATO) or Approval to Operate (ATO) in GIAP database. If CCAO approval documentation is not available, this is a finding.

Fix Text

Disable or remove the non-compliant SWLAN until the site has all required approvals for operation.

Additional Identifiers

Rule ID: SV-48096r1_rule

Vulnerability ID: V-36594

Group Title: SWLAN CCAO Approval

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.