Certify the system before releasing it into a production environment.


CONTROL ID: 06419
CONTROL TYPE: Configuration
CLASSIFICATION: Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain system hardening procedures., CC ID: 12001

This Control has the following implementation support Control(s):
  • Document the system's accreditation and residual risks., CC ID: 06728


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • The accreditation authority may revoke or suspend an authentication product or Authentication Service accreditation. (§ 28(1)(b), The Electronic Communications and Transactions Act, 2002)
  • All wireless access points are Wi-Fi Alliance certified. (Security Control: 1314; Revision: 1, Australian Government Information Security Manual, March 2021)
  • Evaluated diodes used for controlling the data flow of unidirectional gateways between SECRET or TOP SECRET networks and public network infrastructure complete a high assurance evaluation. (Control: ISM-0645; Revision: 7, Australian Government Information Security Manual, June 2023)
  • Evaluated diodes used for controlling the data flow of unidirectional gateways between SECRET or TOP SECRET networks and any other networks complete a high assurance evaluation. (Control: ISM-1158; Revision: 6, Australian Government Information Security Manual, June 2023)
  • Evaluated peripheral switches used for sharing peripherals between SECRET and TOP SECRET systems, or between SECRET or TOP SECRET systems belonging to different security domains, preferably complete a high assurance evaluation. (Control: ISM-1457; Revision: 4, Australian Government Information Security Manual, June 2023)
  • Evaluated peripheral switches used for sharing peripherals between SECRET or TOP SECRET systems and any non-SECRET or TOP SECRET systems complete a high assurance evaluation. (Control: ISM-1480; Revision: 2, Australian Government Information Security Manual, June 2023)
  • Evaluated diodes used for controlling the data flow of unidirectional gateways between SECRET or TOP SECRET networks and public network infrastructure complete a high assurance evaluation. (Control: ISM-0645; Revision: 7, Australian Government Information Security Manual, September 2023)
  • Evaluated diodes used for controlling the data flow of unidirectional gateways between SECRET or TOP SECRET networks and any other networks complete a high assurance evaluation. (Control: ISM-1158; Revision: 6, Australian Government Information Security Manual, September 2023)
  • Evaluated peripheral switches used for sharing peripherals between SECRET and TOP SECRET systems, or between SECRET or TOP SECRET systems belonging to different security domains, preferably complete a high assurance evaluation. (Control: ISM-1457; Revision: 4, Australian Government Information Security Manual, September 2023)
  • Evaluated peripheral switches used for sharing peripherals between SECRET or TOP SECRET systems and any non-SECRET or TOP SECRET systems complete a high assurance evaluation. (Control: ISM-1480; Revision: 2, Australian Government Information Security Manual, September 2023)
  • The organization must ensure the Standard Operating Environment, gateways, and the network infrastructure are accredited before being used for processing, storing, or communicating sensitive information or classified information. (Control: 0064, Australian Government Information Security Manual: Controls)
  • The organization must ensure all systems have been accredited before connecting them with a gateway. (Control: 0065, Australian Government Information Security Manual: Controls)
  • All systems must be certified as part of the accreditation process, unless the accreditation authority thinks that if the system is not immediately operational it would have a devastating and potentially long-lasting effect on operations. (Control: 0795, Australian Government Information Security Manual: Controls)
  • The system must be reaccredited whenever a configuration change impacts the system security and is determined to have changed the overall security risk. (Control: 0809, Australian Government Information Security Manual: Controls)
  • The organization must reaccredit its networks after it enables a dual-stack environment or a wholly Internet Protocol version 6 environment. (Control: 0525, Australian Government Information Security Manual: Controls)
  • All wireless access points must be Wi-Fi Alliance certified. (Control: 1314, Australian Government Information Security Manual: Controls)
  • The device is designed in such a way that it cannot be put into operational service until the device initialization process has been completed. This will include all necessary keys and other relevant material needed to be loaded into it. (E1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • The organization must conduct a system re-certification and re-accreditation every 3 years or whenever the system undergoes a major modification, the security level changes, or a major security control is compromised. The organization must conduct risk management activities for periodic system reaut… (§ 2.9, CMS Information Security Risk Assessment (IS RA) Procedure, Version 1.0 Final)
  • The organization must re-certify and re-accredit the system at a minimum of every 3 years. (§ 2.9, System Security Plan (SSP) Procedure, Version 1.1 Final)
  • Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks. (T0184, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181)
  • Manage and approve Accreditation Packages (e.g., ISO/IEC 15026-2). (T0145, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework), July 7, 2020)
  • Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks. (T0184, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework), July 7, 2020)