About CSIAC
Home
Mission
History
Contact Us
 

Services
Technical Inquiry
Contribute to the STI Program
TAT Program
 

Products
IAnewsletter
IA Digest
Cyber Events Calendar
Reports
DoD IA Products Evaluations [.mil/.gov only]
Product Request
 

Resources
Total Electronic Migration System
Subject Matter Expert Program
Scientific and Technical Information [.mil/.gov only]
DoD IA Policy Chart
Links
 

Help
FAQs
Site Map
Copyright

The DoD IA Policy Chart

Building, operating and securing the Global Information Grid (GIG) for the Department of Defense is a complex and ongoing challenge. The Deputy Assistant Secretary of Defense (DASD) for Cyber Identity and Information Assurance has developed a strategy for meeting this challenge, which is available here: http://iase.disa.mil/policy-guidance/dasd_ciia__strategy_aug2009.pdf. In the CIIA Strategy, the primary goal areas are as listed as follows :

  1. Organize for unity of purpose and speed of action (shortened to "Organize" in the chart).
  2. Enable secure mission driven access to information and services (shortened to "Enable" in the chart).
  3. Anticipate and prevent successful attacks on data and networks (shortened to "Anticipate" in the chart).
  4. Prepare for and operate through cyber degradation or attack (shortened to "Prepare" in the chart).
DASD CIIA Strategy

The IA Policy Chart was inspired by the creation of a similar Acquisition Security Policy Chart by the Office of the Under Secretary of Defense for Acquisition, Technology & Logistics. The goal of the IA Policy Chart is to capture the tremendous breadth of applicable policies, some of which many IA practitioners may not even be aware, in a helpful organizational scheme. The use of color, hatching, fonts and hyperlinks are all designed to provide additional assistance to IA professionals navigating their way through policy issues in order to build, operate and secure the GIG.

At the bottom center of the chart is a legend that identifies the originator of each policy by a color-coding scheme. On the right hand side of the IA Policy Chart, there are boxes, which cover the legal authority for the policies, the federal/national level of IA policies, as well as operational and subordinate level documents that provide details on securing the GIG and its assets. Links to these documents can be found in the Chart.

Click on the chart preview to download the full PDF file with links to all policies:
Updated January 10, 2013
Check back often as the Policy Chart is updated regularly.

Because IA Policy development is a wide-ranging and ongoing process, we ask for input from all who download this chart, advising us of any policies that may have been overlooked, but should be included. In addition, we ask for any policy updates that may not be properly reflected on the IA Policy Chart or any suggestions to improve the chart.

Please use the form here to send suggestions, comments, or questions about the chart. We welcome all feedback. If you have questions about the content of any particular policy, please contact the POC for that policy directly.
Security and Privacy508 PolicySite Requirements  
footer