 NSTSSI Security Education Standards |
| NSTSSI Security Education Standards |
9. COMPLIANCE VALIDATION
a. Automated Tool
1) conduct post-accreditation periodic compliance validation reviews in
accordance with the timelines identified in the SSAA or as requested by the DAA;
2) identify and discuss the testing tools with site personnel, if necessary; and
3) verify that the identified tools remain compliant with the current
accreditation.
b. Process Review
1) discuss the identified life-cycle processes and procedures with cognizant site
personnel;
2) identify the life-cycle processes and procedures to support mission
accomplishment;
3) manage the review in accordance with the identified timelines;
4) review the physical, environmental, technical, and procedural security
disciplines;
5) review the SSAA and assist in its revision, if necessary;
6) verify that the identified life-cycle processes and procedures remain
compliant with the current accreditation;
7) verify the status of the system's current risks; and
8) explain the results and the recommendations, based on the findings, in
support or denial of continued certification to the DAA.
c. Connection Requirements
verify that connections of systems to networks or to each other follow a defined
set of requirements as found in the SSAA.