Protected Distribution System (PDS) Documentation

Protected Distribution System (PDS) Documentation - Signed Approval

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-30974	CS-05.03.01	SV-41017r2_rule	DCSR-3 ECCT-1 PESS-1	Low

Description
A PDS that is not approved could cause an Information Assurance Manager, Designated Approving Authority and other concerned managerial personnel to not be fully aware of all vulnerabilities and residual risk of IA systems under their purview.

STIG	Date
Traditional Security	2013-07-11

Details

Check Text ( C-39637r2_chk )
Validate that: 1. The approval authority is the system Designated Accrediting Authority (DAA), cognizant security office for contractors or other Department or Agency designee having Approval Authority for the installation and operation of the PDS and 2. That a documented approval of the PDS is signed by the current approval authority. NOTE: In tactical environments mobile systems employing inter-shelter cabling need not be re-approved for each relocation if the relocation provides security comparable to that of the original approval. Otherwise, new approval must be obtained.

Check Text ( C-39637r2_chk )

Validate that:
1. The approval authority is the system Designated Accrediting Authority (DAA), cognizant security office for contractors or other Department or Agency designee having Approval Authority for the installation and operation of the PDS and

2. That a documented approval of the PDS is signed by the current approval authority.

NOTE: In tactical environments mobile systems employing inter-shelter cabling need not be re-approved for each relocation if the relocation provides security comparable to that of the original approval. Otherwise, new approval must be obtained.

Fix Text (F-34784r2_fix)
1. The approval authority must be the system DAA, cognizant security office for contractors or other Department or Agency designee having Approval Authority for the for the installation and operation of the PDS and 2. A documented approval of the PDS must be signed by the current approval authority. NOTE: In tactical environments mobile systems employing inter-shelter cabling need not be re-approved for each relocation if the relocation provides security comparable to that of the original approval. Otherwise, new approval must be obtained.

Fix Text (F-34784r2_fix)

1. The approval authority must be the system DAA, cognizant security office for contractors or other Department or Agency designee having Approval Authority for the for the installation and operation of the PDS and

2. A documented approval of the PDS must be signed by the current approval authority.

NOTE: In tactical environments mobile systems employing inter-shelter cabling need not be re-approved for each relocation if the relocation provides security comparable to that of the original approval. Otherwise, new approval must be obtained.