ARMY - AR 25-2
|Publication Date:||24 October 2007|
This regulation applies to the Active Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve, unless otherwise stated. Also, it applies to all users, information systems, and networks at all information classification levels; program executive officers; direct reporting program managers; strategic, tactical, and non-tactical environments or installations; internal or external organizations, services, tenants, or agencies (for example, DOD, sister Services, U.S.Army Corps of Engineers (USACE); contractors working on Army information systems pursuant to Army contracts; Army and Air; Force Exchange Service (AAFES); morale, welfare, and recreation activities; educational institutions or departments (for example, DOD schools, the U.S. Military Academy at West Point); and Army affiliated or sponsored agencies (for example, Western Hemisphere Institute for Security Cooperation). During mobilization, the proponent may modify chapters and policies contained in this regulation.
This regulation establishes information assurance (IA) policy, roles, and responsibilities. It assigns responsibilities for all Headquarters, Department of the Army (HQDA) staff, commanders, directors, IA personnel, users, and developers for achieving acceptable levels of IA in the engineering, implementation, operation, and maintenance (EIO&M) for all information systems (ISs) across the U.S. Army Enterprise Infostructure (AEI).