scope:

This instruction is applicable to:

a. The Offices of the Secretary of the Navy (SECNAV), the Chief of Naval Operations (CNO), the Commandant of the Marine Corps (CMC), and all DON commands, activities, installations, and combatant commands (where Navy is the executive agent).

b. CS/IAWF personnel as defined in reference (c). As employment of cyber capabilities is a warfighting mission, it takes many personnel involved in information technology (IT) infrastructure, network operations, maintenance, and IA to achieve military objectives through cyberspace. Personnel in the CS/IAWF have significant responsibilities for designing, developing, operating, or maintaining the security of DON IT infrastructures, systems, applications, and networks. The CS/IAWF also includes individuals who have responsibility for maintaining the confidentiality, integrity, and availability of the information contained in and transmitted from those systems and networks. CS/IAWF operations include, among other things, activities to operate and defend the Global Information Grid.

c. The CS/IA total force military (active and reserve), civilian (appropriated and non-appropriated fund), local nationals (direct, indirect, and third-country), and contractor personnel who are charged with IA functions as part of their CS duties.

d. Awareness training compliance of all information system (IS) users of DoD, DON, or combatant command (where Navy is the executive agent) IT systems.

Purpose. To establish policy and assign responsibilities for the administration of the Department of the Navy (DON) Cybersecurity (CS)/Information Assurance Workforce (IAWF) Management Oversight and Compliance Program consistent with references (a) through (g).