From Traditional Security
Part of Information Assurance - SIPRNET CAP
Associated with IA controls: EBCR-1, DCID-1
Failure to provide current connection documentation to the Classified Connection Approval Office (CCAO) and allowing a system to connect and operate without a current CCAO approval can result in a vulnerability to all SIPRNet connected systems on the DISN.
1. Check to ensure the site provided the Classified Connection Approval Office (CCAO), current certification documentation IAW CCAO guidance. 2. In addition check to ensure the site also has notified the CCAO of any changes/modification to the approved architecture. 3. Check to ensure the approval to connect (ATC) or Interim Approval to Connect (IATC) is current. TACTICAL ENVIRONMENT: The check is applicable. The ATC and associated documentation should be found in a fixed HQ location where the IAM/IAO are located. When possible, documentation should be requested/sought before departing on trips to tactical locations. Copies sent to the reviewers email (NIPR or SIPR depending on classification of document) can be used to validate compliance.
1. The Classified Connection Approval Office (CCAO) must be provided with current certification documentation IAW CCAO guidance. 2. The CCAO must be notified in writing of any changes/modification to the approved architecture. 3. The approval to connect (ATC) or Interim Approval to Connect (IATC) must be current.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer