DoDI 8510.01, Risk Management Framework (RMF) for DOD Information Technology (IT), 12 March 2014
The DSAWG, in support of the DOD ISRMC, is the community forum for reviewing and resolving authorization issues related to the sharing of community risk. The DSAWG develops and provides guidance to the AOs for IS connections to the DOD Information Enterprise.
CJCSI 6211.02D, Defense Information System Network (DISN) Responsibilities, 24 January 2012
13. The DSAWG, IAW its charter, shall:
- Support DOD ISRMC in its role as the final risk decision authority for DISN connections.
- Decide on or approve actions for those classes of ISs and circumstances delegated by the DoD ISRMC (e.g., similar architectures, enterprise ISs, and CDSs previously approved by the DOD ISRMC).
- Make connection approval recommendations to the DOD ISRMC for those classes of ISs not delegated by the DoD ISRMC (e.g., new technology or high risk connections).
- Recommend to the DOD ISRMC disconnection or disapproval of a CDS.
- Oversee and provide guidance to the Cross Domain Technical Advisory Board (CDTAB).
- Recommend changes to the DOD security policy and responsibilities.
- Guide or assist development of DISN integrated system/security architecture changes.
- Provide community risk assessments.
- Report results of the assessments (and possible alternative proposals to mitigate risk) to the DoD ISRMC as required.
- Monitor life cycle of the DISN-provided transport and information services to identify and resolve security issues.
- Coordinate with the ADNI & CIO through the UCDSMO on CD connections between TOP SECRET/SCI and other DOD classified domains including connections to the DISN.
- Provide security assessments and recommendations to the DOD CIO GWP and to the CDRB, as required.