Special Instructions
Please find the description for completing the ATNA Questionnaire here: ATNA_SA-SN_Questionnaire.
Other ATNA tests depend on this being done first. You cannot pass ATNA as a Secure Node or Secure Application without completing the questionnaire.
If you have run test ATNA_SA-SN_Questionnaire_PAT as a pre-projectathon test, there is no need to create a new questionnaire, only provide the link to your questionnaire in a test instance for this test.
Description
In this test, we ensure that you have completed the ATNA Questionnaire in the Gazelle Security Suite (gss) Tool.
The ATNA profile has specific requirements for secure communication (TLS) and logging. There are other requirements that describe how you protect and monitor your system.
We learn about these requirements in the context of *your* product through the ATNA Questionnaire.
Evaluation
The Connectathon Monitor reviews the completed questionnaire.
The Monitor will:
- in the Gazelle Security Suite (gss) Tool, find the questionnaire for this test system under menu Audit Trail-->ATNA Questionnaire. Open it in proofread mode.
- Verify the questionnaire is in sync with Gazelle TM : Just above the various tabs, (next to the "back to list" button) "The ATNA Questionnaire is up to date with Gazelle TM registration" must be displayed. If the questionnaire is not up to date with registration, mark this test "partially verified" and ask the vendor to update the questionnaire (Monitor must be in proofread mode to see the message)
- Verify that the questionnaire is marked with status 'Ready to be reviewed'. If not, mark this test 'Partially verified' with a note to the vendor to complete the questionnaire and mark it 'Ready to be reviewed'. We do not want to waste monitors' time reviewing incomplete questionnaires.
- To evaluate the content of the questionnaire itself, review the evaluation instruction from test ATNA_SA-SN_Questionnaire.