Title

The organization must maintain a SIPRNet connection approval package with the Classified Connection Approval Office (CCAO) when connecting a Secure WLAN (SWLAN) to SIPRNet. (Cat I impact)

Discussion

The CCAO approval process provides assurance that the SWLAN use is appropriate and does not introduce unmitigated risks into the SIPRNet.

Check Content

Verify the SWLAN system CCAO approval documentation exists, has been approved, and has a SIPRNet Interim Approval to Operate (IATO) or Approval to Operate (ATO) in the GIAP database. Verify the SWLAN system is included in the accreditation documentation and is signed by the DAA. If the SIPRNet connection approval package is not on file with the CCAO, this is a finding.

Fix Text

Disable or remove the non-compliant SWLAN until the site has all required approvals for operation.

Additional Identifiers

Rule ID:

Vulnerability ID: V-35938

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.