NAVY - SECNAVI M-5239.1
INFORMATION ASSURANCE MANUAL
|Publication Date:||1 November 2005|
Introduces the Department of the Navy (DON) Information Assurance Program, its concepts, and their application within the DON. Other manuals in the series will provide more detailed guidance on specific IA-related topics.
Describes the DON Information Assurance Program. The purpose of the DON IA Program is to protect information to support the DON mission as described in the DON Information Management and Information Technology (IM/IT) Strategic Plan, to "deliver secure, interoperable, and integrated information management and information technology to the Marine and Sailor to support the full spectrum of warfighting and warfighting support missions." The major elements of the DON IA Program are: to promulgate IA policies and procedures to manage risk to DON IT assets, promote implementation of IA throughout the life cycle of all DON IT assets, and to integrate IA controls throughout the daily activities of the DON.
Replaces DON IA Publication 5239-01, dated May 2000, and should be reviewed in its entirety.
This manual is mandatory and applies to all DON activities, installations, commands, units, and personnel, and to information collected or maintained by or on behalf of the Department of the Navy and Information Systems used or operated by the Department of the Navy, by a contractor of the Department of the Navy processing DON information, or other organizations on behalf of the Department of the Navy. Military, civilian, contractor, and foreign national personnel who have access to DON-owned or controlled information systems are also subject to the provisions herein. This manual applies only to classified collateral, and/or sensitive unclassified, or unclassified information systems and networks. This publication does not apply to Special Compartmented Information, Cryptographic, Cryptologic, Special Access Program, Single Integrated Operation Plan-Extremely Sensitive Information, or North Atlantic Treaty Organization information. Those systems are under the purview of their respective authorities. However, this manual mentions these types of information only to complete definitions or provide examples.
This manual is consistent with Federal and Department of Defense (DoD) IA policies. In the case of a conflict, directives and instructions set forth by higher authority take precedence. Implementing authorities at the Marine Corps and Navy shall identify conflicting policy and issues of precedence to the Office of the DON Chief Information Officer (DON CIO) for resolution.