NAVY - SEACNAV 5239.3
(DON CIO) DEPARTMENT OF THE NAVY INFORMATION ASSURANCE POLICY
|Publication Date:||17 June 2009|
This instruction applies to all DON owned or controlled information systems as defined in reference (e), Title 40 of the United States Code, and the Clinger-Cohen Act, operated by a contractor or other entity on behalf of the Department of the Navy, that receive, process, store, display, or transmit DoD or DON information, regardless of Mission Assurance Category (MAC), classification, or sensitivity, except as noted below.
The policy and requirements of the Department of Defense and the Federal Government take precedence over any conflicting requirements of this instruction. Implementing authorities should identify conflicting policy to the DON CIO for resolution.
Nothing in this policy shall alter or supersede the existing authorities and policies of the Director of Naval Intelligence regarding the protection of sensitive compartmented information and special access programs for intelligence that fall under the purview of reference (i).
Establish Information Assurance (IA) policy for the Department of the Navy (DON) consistent with national and Department of Defense (DoD) policies.
Designate the DON Chief Information Officer (DON CIO) as the DON official assigned responsibility and delegated authority, in accordance with references (a) and (b), in order to ensure the requirements contained in these references are carried out within the Department of the Navy.
Assign responsibilities in the Department of the Navy for developing, implementing, managing, and evaluating DON IA programs, policies, procedures, and controls per reference (b).