ISSUANCE OF LOGICAL ACCESS CREDENTIALS TO CERTAIN VOLUNTEER PERSONNEL:
RAAUZYUW RUEWMCS0001 1811300-UUUU--RUCRNAD ZNR UUUUU R 292136Z JUN 09 FM CNO WASHINGTON DC//N6// TO NAVADMIN INFO CNIC WASHINGTON DC//00/N6// BUPERS MILLINGTON TN//00/N1// COMNAVNETWARCOM NORFOLK VA//00// ZEN/SSC ATLANTIC CHARLESTON SC//00// UNCLAS //N5500// NAVADMIN 196/09 MSGID/GENADMIN/CNO WASHINGTON DC/N6// SUBJ/ISSUANCE OF LOGICAL ACCESS CREDENTIALS TO CERTAIN VOLUNTEER PERSONNEL// REF/A/DOC/OUSD (P&R) MEMO/14 AUG 08// REF/B/DODI 1100.21/26 DEC 02// NARR/REF A IS OUSD (P&R) MEMORANDUM ANNOUNCING VOLUNTEER CREDENTIAL PILOT PROGRAM. REF B IS DOD INSTRUCTION ON VOLUNTARY SERVICES IN DOD.// RMKS/1. THIS IS A COORDINATED CNO (N1), CNO (N6), CNNWC AND CNIC (N6) MESSAGE. 2. THE PURPOSE OF THIS NAVADMIN IS TO ANNOUNCE A PILOT PROGRAM TO ISSUE LOGICAL ACCESS CREDENTIALS TO DOD VOLUNTEERS HAVING A VERIFIED REQUIREMENT FOR ACCESS TO DOD COMPUTERS/NETWORKS IN ORDER TO FULFILL THEIR DESIGNATED SUPPORT MISSION. 3. THE NEW VOLUNTEER CREDENTIAL IS A PLASTIC SMART CARD WHICH WILL CONTAIN DOD PUBLIC KEY INFRASTRUCTURE (PKI) CERTIFICATES AND IS INTENDED FOR THE SOLE PURPOSE OF GAINING ACCESS TO DOD COMPUTERS/NETWORKS IN ORDER FOR THE VOLUNTEER TO FULFILL THEIR DESIGNATED MISSION. IT IS NOT A DOD COMMON ACCESS CARD (CAC) AND WILL NOT DISPLAY A PHOTO. IT DOES NOT CONVEY BENEFITS OR ENTITLEMENTS OR ANY OTHER PRIVILEGES, NOR CAN IT BE USED FOR PHYSICAL ACCESS PURPOSES. 4. THIS CARD WILL BE ISSUED AT A REAL-TIME AUTOMATED PERSONNEL IDENTIFICATION SYSTEM (RAPIDS) SITE (ID-CARD ISSUING SITE, NORMALLY A PERSONNEL SUPPORT DETACHMENT (PSD) OR PASS & ID OFFICE), AFTER THE VOLUNTEER HAS BEEN VETTED AND APPROVED FOR DOD SYSTEMS ACCESS AND ENTERED INTO THE CONTRACTOR VERIFICATION SYSTEM (CVS) BY AN AUTHORIZED TRUSTED AGENT (TA) OF THE SPONSORING COMMAND. PER REF A, UNDER NO CIRCUMSTANCES WILL A VOLUNTEER LOGICAL ACCESS CARD BE ISSUED TO A VOLUNTEER WHOSE DATA HAS NOT BEEN VERIFIED IN THE DEFENSE ENROLLMENT AND ELIGIBILITY REPORTING SYSTEM (DEERS). 5. VOLUNTEERS ARE DEFINED IN REFERENCE B AS INDIVIDUALS WHO DONATE THEIR SERVICES TO DOD COMPONENTS, INCLUDING NONAPPROPRIATED FUND INSTRUMENTALITIES (NAFI). ALL INDIVIDUALS INVOLVED IN GRANTING SYSTEM ACCESS MUST BE KNOWLEDGEABLE OF ELIGIBILITY REQUIREMENTS OF VOLUNTEER POPULATIONS. 6. ELIGIBILITY REQUIREMENTS FOR ISSUANCE OF LOGICAL ACCESS CREDENTIALS: A. BE A STUDENT INTERN (5 U.S.C. 3111), AN AUTHORIZED DOD VOLUNTEER (10 U.S.C. 1588) OR RED CROSS VOLUNTEER. B. REQUIRE FREQUENT ACCESS TO A DOD NETWORK TO PERFORM VOLUNTEER DUTIES. C. BE A U.S. CITIZEN. D. BE SPONSORED BY NAVY AS PART OF AN OFFICIAL VOLUNTEER ASSIGNMENT. E. BE REGISTERED IN DEERS THROUGH THE CVS. F. HAVE A NATIONAL AGENCY CHECK (NAC) INITIATED AS REQUIRED BY DOD 5200.2R FOR INDIVIDUALS REQUIRING NETWORK ACCESS FOR AUTOMATED DATA PROCESSING (ADP)-III POSITIONS (SYNONIMOUS WITH IT-III) AND HAVE A FAVORABLE COMPLETION OF THE AUTOMATED FBI NATIONAL CRIMINAL HISTORY CHECK (FINGERPRINT CHECK). NAC MUST BE FAVORABLE WHEN COMPLETED. G. AGREE TO BE PHOTOGRAPHED AND HAVE FINGERPRINTS TAKEN AND STORED IN THE VOLUNTEER'S DEERS RECORD. H. HAVE AN OFFICIAL NAVY EMAIL ACCOUNT ESTABLISHED. 7. PROGRAM ROLES AND RESPONSIBILITIES: A. OPNAV N6 MAINTAINS POLICY AND OVERSIGHT FUNCTIONS OF THE PILOT PROGRAM. B. BUREAU OF NAVAL PERSONNEL (BUPERS-26) DEERS/RAPIDS PROJECT OFFICE WILL ENSURE RAPIDS SITE SECURITY MANAGERS (SSMS) AND RAPIDS OPERATORS (VERIFYING OFFICIALS) ARE PROVIDED WITH INFORMATION CONCERNING ISSUANCE OF THE VOLUNTEER SMART CARD TO AUTHORIZED VOLUNTEERS. RAPIDS VERSION 7.4 WILL SUPPORT ISSUANCE OF THIS CARD AND RAPIDS 7.3 SITES WILL BE UPGRADED BEGINNING MARCH 2009. THE DEERS/RAPIDS PROJECT OFFICE WILL ENFORCE THE VOLUNTEER CREDENTIAL ISSUANCE POLICY. C. COMMANDER, NAVY INSTALLATIONS COMMAND (CNIC), CAC PROGRAM MANAGEMENT OFFICE, AS CVS PROGRAM MANAGER, WILL ISSUE PROCEDURES FOR 1) APPLYING FOR THE LOGICAL ACCESS SMART CARD; 2)COMPLETING VETTING REQUIREMENTS; 3) INPUTING, VERIFYING, AND APPROVING VOLUNTEER DATA INTO CVS; AND, 4) OVERSEEING CVS TRUSTED AGENT (TA) PERFORMANCE. D. SPONSORING COMMAND SECURITY MANAGER WILL: 1) ENSURE NAC IS INITIATED. 2) PERFORM THE FBI FINGERPRINT CHECK OR ENSURE FINGERPRINT CHECK HAS BEEN COMPLETED. 3) PROVIDE DOCUMENTATION TO THE RESPONSIBLE SPONSOR THAT NAC HAS BEEN INITIATED AND THE RESULTS OF THE FBI FINGERPRINT CHECK. E. VOLUNTEER SPONSORS. THE VOLUNTEER SPONSOR IS NORMALLY THE INDIVIDUAL IN THE DIRECT LINE OF SUPERVISION OVER THE VOLUNTEER. SPONSORS MUST: 1) BE A DOD UNIFORMED SERVICE MEMBER OR DOD CIVILIAN EMPLOYEE. 2) BE CAPABLE OF SENDING AND RECEIVING DIGITALLY SIGNED AND ENCRYPTED EMAIL. 3) POSSESS A VALID COMMON ACCESS CARD (CAC). 4) DETERMINE VALIDITY OF REQUEST AND VERIFY REQUIREMENT FOR VOLUNTEER TO HAVE LOGICAL ACCESS TO THE DOT MIL DOMAIN TO EFFECTIVELY EXECUTE MISSION. COMPLETE SYSTEM AUTHORIZATION ACCESS REQUEST NAVY (SAAR-N) AND OBTAIN SIGNATURE OF AUTHORIZED INFORMATION ASSURANCE REPRESENTATIVE (I.E. INFORMATION ASSURANACE MANAGER (IAM)). ENSURE THE ANNUAL INFORMATION ASSURANCE AWARENESS TRAINING IS COMPLETED BY THE VOLUNTEER. 5) ENSURE THE VOLUNTEER HAS THE NAC INITIATED AND FAVORABLE FBI FINGERPRINT COMPLETED AND THAT THE ASSOCIATED DOCUMENTATION HAS BEEN FORWARDED TO THE TA. 6) FORWARD VOLUNTEER REGISTRATION REQUEST AND DOCUMENTATION FROM THE SECURITY MANAGER TO CVS TA IN A DIGITALLY SIGNED AND ENCRYPTED EMAIL. 7) RETRIEVE VOLUNTEER CARD AND RETURN TO A RAPIDS SITE WHEN THE CARD IS NO LONGER REQUIRED. F. CVS TRUSTED AGENT (TA): 1) PROCESS REGISTRATION REQUESTS FOR VOLUNTEER LOGICAL ACCESS CREDENTIAL AND ENTER APPROPRIATE DATA INTO CVS. 2) MAINTAIN DIGITALLY SIGNED EMAIL FROM VOLUNTEER SPONSOR WITH THE REGISTRATION REQUEST FOR ALL VOLUNTEERS ENTERED INTO CVS. G. COMMANDING OFFICERS/OFFICERS IN CHARGE/DEPARTMENT HEADS AND OTHER AUTHORIZED INDIVIDUALS ACCEPTING VOLUNTEER SERVICES: 1) ASSIGN A TA FOR ENTERING VOLUNTEER DATA INTO CVS, IF A TA IS NOT ALREADY APPOINTED WITHIN YOUR COMMAND. 2) ENSURE REQUIREMENTS FOR ACCESS TO DOD COMPUTERS AND SYSTEMS ARE VALID. ACCESS TO DOD INFORMATION SYSTEMS MUST BE BASED ON DEMONSTRATED “NEED TO KNOW” REASONING AND GRANTED IN ACCORDANCE WITH DOD 5200.2R. GRANTING ACCESS TO DOD COMPUTERS AND SYSTEMS TO PERSONNEL WHO HAVE NOT BEEN PROPERLY VETTED IS A VIOLATION OF THE COMPUTER FRAUD AND ABUSE ACT OF 1986 (TITLE 18 U.S.C SECTION 1830 - AMENDED IN 1994, 1996 AND 2001 BY THE PATRIOT ACT.) VIOLATIONS OF THIS ACT CAN RESULT IN CIVIL AND/OR CRIMINAL ACTIONS FOR COMPENSATORY AND PUNITIVE DAMAGES. 8. VOLUNTEER LOGICAL ACCESS CREDENTIALS WILL BE ISSUED FOR THREE YEARS OR THE PROJECTED END DATE OF THE VOLUNTEER'S MISSION, WHICHEVER OCCURS FIRST. 9. DETAILED CVS PROCEDURES TO INCLUDE SPECIFIC DOCUMENTATION REQUIRED WILL BE FORTHCOMING FROM CNIC CAC PROGRAM MANAGEMENT OFFICE (PMO) AND POSTED ON THE CAC PMO WEBSITE AT HTTP:(SLASH) (SLASH)PMO.CAC.NAVY.MIL. 10. THIS NAVADMIN EXPIRES ON 14 AUGUST 2011. 11. POINTS OF CONTACT: FOR POLICY QUESTIONS CONCERNING LOGICAL ACCESS REQUIREMENTS AND PKI ISSUES: MR. ROBERT WEILMINSTER (OPNAV N6F5211), (703) 601-1264. FOR RAPIDS SITES: BUPERS DEERS/RAPIDS PROJECT OFFICE, MRS. LAWANDA BING (901) 874-3467/DSN882 ; PSC WORFOLK (901) 874-3482; OR, MR. LINDEN BUTLER (901) 874-4862. FOR PROCEDURES, TASM AND TA SPONSORING PERSONNEL: CAC PMO DONNA FREEDMAN (850)452-7705. 12. RELEASED BY VADM HARRY B. HARRIS, JR., DCNO COMMUNICATION NETWORKS OPNAV (N6)// BT NNNN