The organization must maintain a SIPRNet connection approval package with the Classified Connection Approval Office (CCAO) when connecting a Secure WLAN (SWLAN) to SIPRNet.

From Mobile Policy Security Requirements Guide

Associated with: CCI-001439

SV-47254r1_rule The organization must maintain a SIPRNet connection approval package with the Classified Connection Approval Office (CCAO) when connecting a Secure WLAN (SWLAN) to SIPRNet.

Vulnerability discussion

The CCAO approval process provides assurance that the SWLAN use is appropriate and does not introduce unmitigated risks into the SIPRNet.

Check content

Verify the SWLAN system CCAO approval documentation exists, has been approved, and has a SIPRNet Interim Approval to Operate (IATO) or Approval to Operate (ATO) in the GIAP database. Verify the SWLAN system is included in the accreditation documentation and is signed by the DAA. If the SIPRNet connection approval package is not on file with the CCAO, this is a finding.

Fix text

Disable or remove the non-compliant SWLAN until the site has all required approvals for operation.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.