NAVY-WIDE DESIGNATED ACCREDITING AUTHORITY (DAA) CONSOLIDATION

UNCLASSIFIED//
ATTENTION INVITED TO  
ROUTINE
R 092005Z MAR 12 PSN 682387K34
FM CNO WASHINGTON DC
TO NAVADMIN
ZEN//OU=DOD/OU=NAVY/OU=ADDRESS LISTS(UC)/CN=AL NAVADMIN(UC)
INFO ZEN/CNO WASHINGTON DC
BT
UNCLAS
***THIS IS A 2 SECTION MESSAGE COLLATED BY OIX GATEWAY NORFOLK VA*** QQQQ
SUBJ: NAVY-WIDE DESIGNATED ACCREDITING AUTHORITY (DAA) CONSOLIDATION 
UNCLASSIFIED/ FM CNO WASHINGTON DC TO NAVADMIN 

NAVADMIN 081/12

MSGID/GENADMIN/CNO WASHINGTON DC/N2N6/MAR//

SUBJ/NAVY-WIDE DESIGNATED ACCREDITING AUTHORITY (DAA) CONSOLIDATION//



REF/A/DOC/OPNAVNOTE 5230.1297/04AUG11//
REF/B/DOC/DODI 8510.01/28NOV07//
REF/C/DOC/DADMS NETWORK REGISTRATION GUIDE, REV 3 (V3)/13JAN10//
REF/D/EMAIL/DDCIO (N) NOTIFICATION OF DAA CONSOLIDATION//
REF/E/DOC/CNSSI 4009/26APR10//
REF/F/DOC/NIST SP 800-37 REV.1/FEB10//
REF/G/DOC/OPNAVINST 5239.1C/20AUG08//

NARR/REF A IS OPNAVNOTE 5230.1297, APPOINTMENT OF OPERATIONAL DESIGNATED 
APPROVAL AUTHORITY (ODAA).  REF B IS DEPARTMENT OF DEFENSE INSTRUCTION (DODI) 
8510.01, DEPARTMENT OF DEFENSE (DOD) INFORMATION ASSURANCE CERTIFICATION AND 
ACCREDITATION PROCESS (DIACAP).  REF C IS DEPARTMENT OF NAVY (DON) APPLICATION 
AND DATABASE MANAGEMENT SYSTEM (DADMS) NETWORK REGISTRATION GUIDE, 
REGISTRATION AND DISPOSITION PROCESS FOR THE UNITED STATES NAVY (USN) 
NETWORKS/SERVERS, NETWORK DEVICES, AND SERVER APPLICATIONS, REVISION 3 
(VERSION 3).  REF D IS EMAIL FROM DDCIO (N) (SES HAITH) TO ECHELON II 
COMMANDERS NOTIFYING OF THE IMPENDING DAA CONSOLIDATION.  REF E IS COMMITTEE 
ON NATIONAL SECURITY SYSTEMS INSTRUCTION (CNSSI) 4009, NATIONAL INFORMATION 
ASSURANCE (IA) GLOSSARY.  REF F IS NATIONAL INSTITUTE OF STANDARDS AND 
TECHNOLOGY (NIST) SPECIAL PUBLICATION (SP) 800-37, REVISION 1, GUIDE FOR 
APPLYING THE RISK MANAGEMENT FRAMEWORK TO FEDERAL INFORMATION SYSTEMS: A 
SECURITY LIFE CYCLE APPROACH.  REF G IS OPNAVINST 5239.1C, NAVY INFORMATION 
ASSURANCE (IA) PROGRAM.// POC/JULIE ROSATI/CDR/OPNAV N2N6BC4/TEL: CML 571-256-
8523/EMAIL: JULIANA.ROSATI(AT)NAVY.MIL//
POC/KATE MATHERS/CIV/FLTCYBERCOM/ODAA/TEL: CML 757-417-7903 EXT 4/EMAIL: 
KATHERINE.MATHERS(AT)NAVY.MIL// POC/DARCEE BRANHAM/CIV/FLTCYBERCOM/ODAA/TEL: 
CML 757-417-6776 EXT 9/EMAIL: DARCEE.BRANHAM (AT)NAVY.MIL// POC/ODAA 
OFFICE/FLTCYBERCOM/TEL: CML 757-417-6719 EXT 0/EMAIL: 
FCC(UNDERSCORE)ODAA(AT)NAVY.MIL//

RMKS/1.  THIS NAVADMIN ANNOUNCES A NAVY-WIDE DAA CONSOLIDATION AND PROVIDES A 
TIMELINE FOR TRANSITION OF ASSOCIATED AUTHORITIES.
PURSUANT TO REF A AND TO ENABLE U.S. FLEET CYBER COMMAND (FCC) TO FULLY 
EXECUTE ITS ROLE AS THE CENTRAL OPERATIONAL AUTHORITY FOR ALL NAVY COLLATERAL 
AND GENERAL SERVICES CLASSIFIED AND UNCLASSIFIED, OPERATIONAL INFORMATION 
SYSTEMS, NETWORKS, AND TELECOMMUNICATIONS SYSTEMS, DEPUTY DON CHIEF 
INFORMATION OFFICER (CIO) NAVY (DDCIO (N)) AND FCC AGREED TO CONSOLIDATE NAVY-
WIDE DAA AUTHORITIES INTO A CENTRALIZED STRUCTURE UNDER THE AUTHORITY OF THE 
COMMANDER, FCC.

2.  DURING THE PAST YEAR, SEVERAL AUDITS ACROSS THE NAVY INFORMATION 
TECHNOLOGY (IT) ENTERPRISE IDENTIFIED SIGNIFICANT ISSUES/LAPSES IN CONFORMITY 
WITH REF B, RESULTING IN NON-COMPLIANCE WITH CERTIFICATION AND ACCREDITATION 
(C&A) POLICY, AND UNACCEPTABLE RISKS TO NAVY NETWORKS AND THE GLOBAL 
INFORMATION GRID.  NAVY DAA CONSOLIDATION WILL ENHANCE NAVY'S EFFECTIVENESS IN 
ENSURING STANDARDIZED SECURITY PRACTICES AND CONSISTENTLY APPLYING INFORMATION 
ASSURANCE AND C&A POLICY.

3.  FUNCTIONING UNDER THE AUTHORITY OF COMMANDER FCC, THE NAVY'S OPERATIONAL 
DAA (ODAA) WILL OVERSEE AND EXECUTE THE NEW DAA STRUCTURE.
IAW REF C, NAVY NETWORKS (EXCLUDING NAVY SENSITIVE COMPARTMENTED INFORMATION 
(SCI) NETWORKS) INCLUDE BUT ARE NOT LIMITED TO:
A.  RESEARCH, DEVELOPMENT, TEST & EVALUATION NETWORKS (INCLUDING USN DAA AREAS 
OF RESPONSIBILITY WITHIN DEFENSE RESEARCH AND ENGINEERING NETWORK (DREN) AND 
SECURE DREN; 
B.  ALL SHIPBOARD NETWORKS SUCH AS THE INTEGRATED SHIPBOARD NETWORK SYSTEM/IT 
FOR THE TWENTY FIRST CENTURY; 
C.  OCONUS NAVY ENTERPRISE NETWORK/BASE LEVEL INFORMATION INFRASTRUCTURE; 
D.  EXCEPTED NETWORKS (E.G., NETWORKS THAT ARE OFFICIALLY APPROVED TO REMAIN 
OUTSIDE OF THE NAVY'S ENTERPRISE NETWORKS); 
E.  LEGACY NETWORKS THAT ARE CURRENTLY IN AN ASSUMPTION OF RESPONSIBILITY 
STATE (E.G., LEGACY NETWORKS FOR WHICH HEWLETT PACKARD HAS ASSUMED 
RESPONSIBILITY) UNDER THE NAVY/MARINE CORPS INTRANET.

4.  IAW REF D, THE FOLLOWING DAAS WILL BE RETITLED AS "AUTHORIZING OFFICIAL 
DESIGNATED REPRESENTATIVE (AODR)" WHICH ALIGNS WITH REF E AND ACCORDS WITH THE 
DOD CIO TRANSITION TO NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 
TERMINOLOGY IDENTIFIED IN REF F.
A.  EDAA (EDUCATION DAA).
B.  RDAA (RESEARCH, DEVELOPMENT, TEST, AND EVALUATION DAA).
C.  DDAA (DEVELOPMENTAL DAA).
D.  PDAA (PLATFORM INFORMATION TECHNOLOGY (PIT) DAA).
E.  QOL DAA (QUALITY OF LIFE DAA).

AFLOAT COMMANDING OFFICERS WILL NOT BE RETITLED AND WILL RETAIN THEIR DEPLOYED 
DAA STATUS TO MEET EMERGENT OPERATIONAL REQUIREMENTS IAW REF G.  AODRS WILL 
CONTINUE TO EVALUATE AND REVIEW ACCREDITATION ACTIVITIES OF SYSTEMS AND 
NETWORKS UNDER THEIR COGNIZANCE.  HOWEVER, EFFECTIVE 1 OCT 2012, THE AUTHORITY 
TO SIGN ACCREDITATIONS FOR ALL NAVY COLLATERAL AND GENERAL SERVICES CLASSIFIED 
AND UNCLASSIFIED, OPERATIONAL INFORMATION SYSTEMS, NETWORKS, AND 
TELECOMMUNICATIONS SYSTEMS IS RESTRICTED TO THE NAVY ODAA.  CURRENT 
ACCREDITATIONS ISSUED BY THE DELEGATED DAAS IDENTIFIED ABOVE REMAIN IN FORCE 
AND DO NOT REQUIRE NAVY
ODAA SIGNATURE UNTIL REACCREDITATION IS REQUIRED.

5.  DELEGATED DAAS ARE DESIGNATED BY NAME AS OPPOSED TO THEIR OFFICIAL TITLE 
OR FUNCTIONAL ROLE.  MOREOVER, PERSONS NOT OFFICIALLY DESIGNATED IN WRITING 
ARE NOT PERMITTED TO TAKE ANY ACTION UNDER THE ASSUMED AUTHORITY OF DELEGATED 
DAA.  C&A STAFF ASSIGNED TO EACH AFFECTED PROGRAM/ECHELON II SHALL CONTINUE TO 
PERFORM ALL C&A ACTIVITIES THROUGH CERTIFICATION. UNTIL THE CONSOLIDATION AND 
FULL TRANSITION OF DAA AUTHORITIES IS COMPLETED, DELEGATED DAAS SHALL PROVIDE 
COPIES OF NEW ACCREDITATION DECISIONS TO THE NAVY ODAA WITHIN 48 HOURS OF 
ISSUANCE.

6.  NAVY ODAA WILL ISSUE ALL DESIGNATIONS AND INTERIM/PIT RISK APPROVALS FOR 
PIT SYSTEMS.  ECHELON II PROGRAM MANAGERS WITH A CURRENT PDAA SHALL CONTINUE 
TO PERFORM REQUIRED ACTIVITIES THROUGH CERTIFICATION/RISK DETERMINATION.

7.  DAA CONSOLIDATION WILL NOT INCLUDE NETWORKS OR SYSTEMS UNDER OPNAV N89 
SPECIAL ACCESS PROGRAM AUTHORITIES OR NAVAL INTELLIGENCE SCI AUTHORITIES.

8.  DAA CONSOLIDATION TRANSITION TIMELINE:
A.  OPNAV UPDATES REF G TO REFLECT NEW NAVY ODAA AND AODR ROLES AND 
RESPONSIBILITIES NLT APR 2012.
B.  FCC/ODAA ISSUES STANDARD OPERATING PROCEDURE IN THE FORM OF A NAVY 
TELECOMMUNICATIONS DIRECTIVE NLT APR 2012.
C.  TRANSITION ALL NAVY COLLATERAL AND GENERAL SERVICES C&A PROCESSING TO 
EMASS (EXCEPT SCI) NLT SEP 2012.
D.  FCC/ODAA CONDUCT AODR PROCESS TRAINING NLT SEP 2012.
E.  FCC/ODAA CANCEL DESIGNATIONS OF DELEGATED DAA.  DESIGNATE AODRS FOR ALL 
NAVY COLLATERAL AND GENERAL SERVICES CLASSIFED AND UNCLASSIFIED, OPERATIONAL 
INFORMATION SYSTEMS, NETWORKS, AND TELECOMMUNICATIONS SYSTEMS NLT DEC 2012.

9.  AN UPDATED VERSION OF REF G, TARGETED FOR RELEASE IN APR 2012, WILL 
PROVIDE ADDITIONAL GUIDANCE FOR COMMANDING OFFICERS IN THEIR ROLES AS DEPLOYED 
DAA.

10.  MY POINT OF CONTACT, AND DDCIO (N) REPRESENTATIVE, IS MS. JANICE  HAITH, 
AT COMM: (571) 256-8523, EMAIL: JANICE.HAITH(AT)NAVY.MIL.

11.  WIDEST DISSEMINATION REQUESTED.

12.  RELEASED BY VADM KENDALL L. CARD, DCNO FOR INFORMATION DOMINANCE, N2N6.//

BT
#0434
NNNN
UNCLASSIFIED//


%d bloggers like this: