INFORMATION ASSURANCE (IA)
|Publication Date:||24 October 2002|
Establishes policy and assigns responsibilities under reference (a) to achieve Department of Defense (DoD) information assurance (IA) through a defense-in-depth approach that integrates the capabilities of personnel, operations, and technology, and supports the evolution to network centric warfare.
APPLICABILITY AND SCOPE. This Directive applies to:
The Office of the Secretary of Defense, the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Inspector General of the Department of Defense, the Defense Agencies, the DOD Field Activities, and all other organizational entities within the Department of Defense (hereafter referred to collectively as "the DOD Components").
All DOD-owned or -controlled information systems that receive, process, store, display or transmit DoD information, regardless of mission assurance category, classification or sensitivity, including but not limited to:
DoD information systems that support special environments, e.g., Special Access Programs (SAP) and Special Access Requirements (SAR), as supplemented by the special needs of the program.
Platform IT interconnections, e.g., weapons systems, sensors, medical technologies or utility distribution systems, to external networks.
Information systems under contract to the Department of Defense.
Outsourced information-based processes such as those supporting e-Business or e-Commerce processes.
Information systems of Nonappropriated Fund Instrumentalities.
Stand-alone information systems.
Mobile computing devices such as laptops, handhelds, and personal digital assistants operating in either wired or wireless mode, and other information technologies as may be developed.