The macOS system must disable the iCloud Calendar services.

STIG ID: APPL-14-002012  |  SRG: SRG-OS-000095-GPOS-00049 |  Severity: medium |  CCI: CCI-000381 |  Vulnerability Id: V-259487 | 

Vulnerability Discussion

The macOS built-in Calendar.app connection to Apple's iCloud service must
be disabled.

Apple's iCloud service does not provide an organization with enough control over the storage and access
of data and, therefore, automated calendar synchronization must be controlled by an organization
approved service.

Check

Verify the macOS system is configured to disable iCloud Calendar services with the
following command:

/usr/bin/osascript -l JavaScript << EOS
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess')\
.objectForKey('allowCloudCalendar').js
EOS

If the result is not "false", this is a finding.

Fix

Configure the macOS system to disable iCloud Calendar services by
installing the "com.apple.applicationaccess" configuration profile.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.