Question: What is the purpose of the DSAWG?
Answer: The Defense Information Assurance (IA)/Security Accreditation Working Group (DSAWG) is the first accreditation or accreditation review level for the Department of Defense (DoD) for the transport, network management, and network segments of the Defense Information Systems Network (DISN) Global Information Grid (GIG). In addition, as the community jury for evaluating risk to the DISN, the DSAWG reviews specific topic areas assigned by the DISN/GIG Flag Panel or the Military Communications Electronics Board (MCEB). The DSAWG adjudicates all high-risk connection requests as part of the DISN Connection Approval Process. In addition, as per §11.c.(2) of CJCSI) 6211.02D, the DSAWG, along with DISA and DoD CIO Identity and Information Assurance, provides technical advisors to the GIG Waiver Panel.
Question: What is the mission of the DSAWG?
Answer: The DSAWG performs the following missions and reports to the DISN Authorization Official (AO) through the Flag Panel:
i. Assess community-wide risks associated with DISN cross-domain interconnections, multiple security level technologies installed on a DISN-supported infrastructure, and new or unproven technologies and security solutions.
ii. Assess local and community-wide risks resulting from the use of commercial infrastructures for DISN traffic, DISN-interconnected systems accessed by foreign nationals, and the use of known technologies in a DISN environment for which they have not previously been approved.
iii. Perform accreditation duties in situations where the Flag Panel determines that the DSAWG’s broad visibility is necessary to assess and accept the risk to the DISN community.
iv. Review Information Assurance policies, procedures, architectures, strategies, etc., to ensure that required personnel, operations, and technologies are in place to mitigate the risk to the DISN/GIG and their connected enclaves. Recommends security policy and architecture improvements to the DISN Service Managers in support of the systems authorization process.
v. Review certification and accreditation strategies for proposed multi-site, multi-user systems that rely on the DISN/GIG transport.
Question: What is the authority of the DSAWG?
Answer:The DSAWG operates by authority of the Chairman, Joint Chiefs of Staff Instruction (CJCSI) 6211.02D, “Defense Information System Network (DISN): Policy, Responsibilities and Processes,” dated 24 January 2012. The DSAWG operates under the direct guidance of the Flag Panel, and the general guidance of the DISN AOs.
Question: Who are the voting representatives at the DSAWG?
Answer:
a. The DSAWG membership is made up of the following representatives:
i. Services: Army, USAF, Navy & USMC
ii. Agencies: DIA, DISA, NSA/CSS, Joint Staff
iii. Organizations: DCIO, USSTRATCOM, UCDMO, USD(I), DNI CIO, DCMO
b. Specifically: Primary and Alternate voting members shall be assigned, in writing, by their respective DISN AO, Chief Information Officer, or Senior Information Assurance Officer. Primary members will be O-6 or civilian equivalent; deviations may be accepted with the concurrence of the Flag Panel. Members shall be assigned from the following organizations:
- Chair (non voting, provided by DISA)
- Defense Intelligence Agency (DIA)
- Defense Information Systems Agency (DISA)
- Joint Staff (JS)
- National Security Agency (NSA)/Central Security Service (CSS)
- Service Representatives:
- U.S. Army
- U.S. Navy
- U.S. Marine Corps
- U.S. Air Force
- OSD Deputy CIO (DCIO)
- US Strategic Command (USSTRATCOM)
- Unified Cross Domain Management Office UCDMO
- Under Secretary of Defense for Intelligence (USD(I))
- Director of National Intelligence Chief Information Office (DNI CIO)
- Deputy Chief Management Office (DCMO)