diff --git a/features/fedramp_extensions.feature b/features/fedramp_extensions.feature
index ee8fd1e33..b37cc75f5 100644
--- a/features/fedramp_extensions.feature
+++ b/features/fedramp_extensions.feature
@@ -69,6 +69,10 @@ Examples:
| response-point-PASS.yaml |
| role-defined-system-owner-FAIL.yaml |
| role-defined-system-owner-PASS.yaml |
+ | role-defined-authorizing-official-poc-FAIL.yaml |
+ | role-defined-authorizing-official-poc-PASS.yaml |
+ | role-defined-information-system-security-officer-FAIL.yaml |
+ | role-defined-information-system-security-officer-PASS.yaml |
| scan-type-FAIL.yaml |
| scan-type-PASS.yaml |
| user-type-FAIL.yaml |
@@ -115,6 +119,8 @@ Examples:
| resource-has-base64-or-rlink |
| resource-has-title |
| role-defined-system-owner |
+ | role-defined-authorizing-official-poc |
+ | role-defined-information-system-security-officer |
| scan-type |
| user-type |
#END_DYNAMIC_CONSTRAINT_IDS
\ No newline at end of file
diff --git a/src/validations/constraints/content/ssp-all-VALID.xml b/src/validations/constraints/content/ssp-all-VALID.xml
index b1dc0267a..841061010 100644
--- a/src/validations/constraints/content/ssp-all-VALID.xml
+++ b/src/validations/constraints/content/ssp-all-VALID.xml
@@ -26,6 +26,12 @@
System Owner
+
+ Authorizing Official Point of Contact
+
+
+ Information System Security Officer (or Equivalent)
+
diff --git a/src/validations/constraints/fedramp-external-constraints.xml b/src/validations/constraints/fedramp-external-constraints.xml
index 2680bc36c..0b2d8e28e 100644
--- a/src/validations/constraints/fedramp-external-constraints.xml
+++ b/src/validations/constraints/fedramp-external-constraints.xml
@@ -78,9 +78,15 @@
-
- Each implemented requirement must have at least one by-component reference to the source component implementing it.
-
+
+ Each implemented requirement must have at least one by-component reference to the source component implementing it.
+
+
+ SSP metadata must have the authorizing official POC role.
+
+
+ SSP metadata must have the information system security officer POC role.
+
diff --git a/src/validations/constraints/unit-tests/role-defined-authorizing-official-poc-FAIL.yaml b/src/validations/constraints/unit-tests/role-defined-authorizing-official-poc-FAIL.yaml
new file mode 100644
index 000000000..04e258437
--- /dev/null
+++ b/src/validations/constraints/unit-tests/role-defined-authorizing-official-poc-FAIL.yaml
@@ -0,0 +1,8 @@
+# Driver for the invalid role-defined-authorizing-official-poc constraint unit test.
+test-case:
+ name: The invalid role-defined-authorizing-official-poc constraint unit test.
+ description: Test that SSP metadata does not contain the authorizing-official-poc role.
+ content: ../content/ssp-all-INVALID.xml
+ expectations:
+ - constraint-id: role-defined-authorizing-official-poc
+ result: fail
\ No newline at end of file
diff --git a/src/validations/constraints/unit-tests/role-defined-authorizing-official-poc-PASS.yaml b/src/validations/constraints/unit-tests/role-defined-authorizing-official-poc-PASS.yaml
new file mode 100644
index 000000000..bf0446b56
--- /dev/null
+++ b/src/validations/constraints/unit-tests/role-defined-authorizing-official-poc-PASS.yaml
@@ -0,0 +1,8 @@
+# Driver for the valid role-defined-authorizing-official-poc constraint unit test.
+test-case:
+ name: The valid role-defined-authorizing-official-poc constraint unit test.
+ description: Test that SSP metadata contains the authorizing-official-poc role.
+ content: ../content/ssp-all-VALID.xml
+ expectations:
+ - constraint-id: role-defined-authorizing-official-poc
+ result: pass
\ No newline at end of file
diff --git a/src/validations/constraints/unit-tests/role-defined-information-system-security-officer-FAIL.yaml b/src/validations/constraints/unit-tests/role-defined-information-system-security-officer-FAIL.yaml
new file mode 100644
index 000000000..24aee5f5f
--- /dev/null
+++ b/src/validations/constraints/unit-tests/role-defined-information-system-security-officer-FAIL.yaml
@@ -0,0 +1,8 @@
+# Driver for the invalid role-defined-information-system-security-officer constraint unit test.
+test-case:
+ name: The invalid role-defined-information-system-security-officer constraint unit test.
+ description: Test that SSP metadata does not contain the information-system-security-officer role.
+ content: ../content/ssp-all-INVALID.xml
+ expectations:
+ - constraint-id: role-defined-information-system-security-officer
+ result: fail
\ No newline at end of file
diff --git a/src/validations/constraints/unit-tests/role-defined-information-system-security-officer-PASS.yaml b/src/validations/constraints/unit-tests/role-defined-information-system-security-officer-PASS.yaml
new file mode 100644
index 000000000..e6400df0a
--- /dev/null
+++ b/src/validations/constraints/unit-tests/role-defined-information-system-security-officer-PASS.yaml
@@ -0,0 +1,8 @@
+# Driver for the valid role-defined-information-system-security-officer constraint unit test.
+test-case:
+ name: The valid role-defined-information-system-security-officer constraint unit test.
+ description: Test that SSP metadata contains the information-system-security-officer role.
+ content: ../content/ssp-all-VALID.xml
+ expectations:
+ - constraint-id: role-defined-information-system-security-officer
+ result: pass
\ No newline at end of file