Title

The voice or video system certification and accreditation must be maintained to reflect the installation or modification of the system configuration. (Cat III impact)

Discussion

The DSN system is certified and accredited per the DoD Risk Management Framework (RMF) either separately or as part of a larger site accreditation. Previous to the DoD RMF, the DoD Information Assurance Certification and Accreditation Process (DIACAP) or DoD Information Technology Security Certification and Accreditation Process (DITSCAP) were used for certification and accreditation.

Check Content

Review the DSN system accreditation documentation and compare this with the current architecture. If the voice or video system certification and accreditation is not maintained to reflect the installation or modification of the system configuration, this is a finding.

Fix Text

Update the voice or video system certification and accreditation documentation to accurately represent the current system configuration.

Additional Identifiers

Rule ID: SV-8847r1_rule

Vulnerability ID: V-8352

Group Title: DSN03.08

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.