Defense Information Assurance Security Accreditation Working Group

From Cross-Domain Wiki
Jump to: navigation, search

Contents

Defense Information Assurance Security Accreditation Working Group (DSAWG)

This is the first accreditation or accreditation review level for the transport, network management, and network segments of the Defense Information Systems Network (DISN) for the Department of Defense (DoD) Global Information Grid (GIG). In addition, as the community jury for evaluating risk to the DISN/GIG, the DSAWG reviews specific topic areas assigned by the DISN/GIG Principal Accrediting Authorities (PAAs) in their capacity as the DISN/GIG Flag Panel.

Who sits on the DSAWG?

The DSAWG membership is made up of the following representatives:

  • Services: Air Force, Army, Marine Corps, Navy
  • Agencies: DIA, DISA, NSA, Joint Staff
  • Organizations: DIAP, DNI CIO, Office of the Under Secretary of Defense for Intelligence – OUSD(I), STRATCOM, Unified Cross Domain Management Office (UCDMO), USD (AT&L).

Primary and Alternate voting members shall be assigned, in writing, by their respective DISN DAA, Chief Information Officer, or senior Information Assurance officer. (See DSAWG Charter and the Sample Designation Letter.) Primary members will be O-6 or civilian equivalent; deviations may be accepted with the concurrence of the Flag Panel.

Policy and Responsibility

CJCSI 6211.02C, Defense Information System Network (DISN)

  • Consist of representatives from the Joint Staff, Office of the Under Secretary of Defense for Intelligence, OASD(NII), USSTRATCOM, Services, DISA, DIA, NSA/CSS, Office of the DNI CIO, and the UCDMO. Other organizations may be invited to attend as technical advisors.
  • Support DISN/GIG Flag Panel in its role as the final risk decision authority for DISN connections.
  • Decide on or approve actions under authority delegated by the DISN/GIG Flag Panel.
  • Make connection approval recommendations to the DISN/GIG Flag Panel.
  • Make connection approval and risk decisions for those classes of ISs and circumstances delegated by the DISN/GIG Flag Panel (e.g., similar architectures and CD solutions previously approved by the DISN/GIG Flag Panel).
  • Recommend to the DISN/GIG Flag Panel disconnection or disapproval of a CD solution.
  • Recommend changes to DOD security policy and responsibilities.
  • Guide or assist development of DISN integrated system/security architecture changes.
  • Provide community risk assessments.
  • Report results of the assessments (and possible alternative proposals to mitigate risk) to the DISN/GIG Flag Panel as required.
  • Coordinate with the ADNI CIO through the UCDMO on CD connections between TOP SECRET/SCI and other DOD classified domains including connections to the DISN.
  • Establish a Cross Domain Technical Advisory Board (CDTAB). The CDTAB will:
    • Assess technical risk of cross domain solutions.
    • Report results of CD risk assessments and propose alternate solutions to mitigate risk.
    • Advise and make recommendations to the DSAWG and CDRB on CD technical issues and details.
  • Monitor life cycle of the DISN long-haul service to identify and resolve security issues.
  • Recommend DISN resource prioritization for DISN connection requests to the DISN/GIG Flag Panel.
  • Provide security assessments to the Office of the Secretary of Defense (OSD) GIG Waiver Board in support of the DOD CIO GIG Waiver Process. Note: The OSD GIG Waiver Board supports the DOD CIO Executive Board for Requests for Waiver pertaining to the DISN.

Authority

DSAWG/DISA is responsible for all Secret and Below Interoperability (SABI) systems.

References

disa.mil

Personal tools