Protected Distribution System (PDS) Documentation - Request for Approval Documentation
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-30975 | CS-05.03.02 | SV-41019r2_rule | DCSR-3 ECCT-2 PESS-1 | Low |
| Description |
|---|
| A PDS that is not approved could cause an Information Assurance Manager, Designated Accrediting Authority and other concerned managerial personnel to not be fully aware of all vulnerabilities and residual risk of IA systems under their purview. |
| STIG | Date |
|---|---|
| Traditional Security | 2013-07-11 |
Details
| Check Text ( C-39638r2_chk ) |
|---|
| This check concerns the documentation prepared and submitted to the PDS approval authority. Any subsequent requests for modification of the PDS should also be available for review. Check to ensure: 1. The PDS documentation is complete and current. Review a copy of the initial Request for Approval of PDS, which must contain the information IAW Annex C, NSTISSI 7003. 2. Any requests for modification of the PDS approval are also available for review and contain the appropriate information. NOTES: Applies in a tactical environment but will likely not be available in mobile field locations. Such documentation should be available for inspection at a location where supporting headquarters staff (IAM, SM) would logically be located. Observations and comments may be entered into VMS, even if there is no finding. |
| Fix Text (F-34786r2_fix) |
|---|
| Documentation must exist for the initial request for PDS approval and any modification requests. If the initial documentation or modification requests were not prepared or documentation cannot be located the fix is to prepare a request for PDS approval IAW the NSTISSI 7003 template and submit to the approving authority for approval. |