10.6. Information Sharing and DoD Oversight
10.6.1. Program Information
10.6.2. Life-Cycle Management of Information
10.6.3. Classification and Management of Sensitive Information
10.6.1. Program Information
It is Department of Defense (DoD) policy to keep reporting requirements to a minimum. Nevertheless, complete and current program information is essential to the acquisition process. Consistent with the tables of required regulatory and statutory information in DoD Instruction 5000.02; decision authorities require program managers and other participants in the defense acquisition process to present the minimum information necessary to understand program status and make informed decisions. The Milestone Decision Authority tailors program information case-by-case, as necessary. Integrated Product Teams facilitate the management and exchange of program information.
The Program Manager, the DoD Component, or the Office of the Secretary of Defense (OSD) staff prepares most program information. Some information requires approval by an acquisition executive or other senior decision authority. Other information is for consideration only. In most cases, information content and availability are more important than format.
Unless otherwise specified, all plans, waivers, certifications and reports of findings referred to in this Guidebook are exempt from licensing under one or more exemption provisions of DoD 8910.1-M.
10.6.2. Life-Cycle Management of Information
Program Managers (PMs) will comply with recordkeeping responsibilities under the Federal Records Act for the information collected and retained in the form of electronic records (See DoD Directive 5015.2.). Electronic record-keeping systems should preserve the information submitted, as required by section 3101 of title 44, United States Code and implementing regulations. Electronic record-keeping systems should also provide, wherever appropriate, for the electronic acknowledgment of electronic filings that are successfully submitted. PMs must consider the record-keeping functionality of any systems that store electronic documents and electronic signatures to ensure users have appropriate access to the information and can meet the Agency's record-keeping needs.
10.6.3. Classification and Management of Sensitive Information
Program Managers (PMs) must review their programs to identify and document critical program information (CPI) requiring protection (DoD Instruction 5200.39). (PMs) must also review their programs to identify controlled unclassified information (CUI). CUI includes "FOUO" information as defined in DoD Directive 5230.24 and information with other approved markings requiring dissemination controls that are exempt from mandatory disclosure under the Freedom of Information Act (e.g., DoD 5400.7-R, DoD Directive 5230.25, and Export Control Act).
When necessary, PMs develop Security Classification Guides in accordance with DoD 5200.1-R.