Pages - Information Assurance Strategy

Summary: Information assurance (IA) protects the protection of information and information systems by ensuring the availability, integrity, authentication, confidentiality, and nonrepudiation of information and information systems. This includes restoring the information system by combining protection, detection, and response functions.

Implementation guidance: For details on the implementation of the information assurance strategy, please refer to Section 5 of the DoD Procurement Guidelines for access to the procurement police executing agency or for detailed guidance on the executing agency.

The Obtained Information Assurance (IA) strategy provides documentation to ensure that the program has an information assurance strategy consistent with DoD policies, standards, and architectures, including related standards. The Project Manager (PM) has developed a procurement IA strategy to help the project office organize and coordinate methodologies to identify and meet IA requirements consistent with DoD policies, standards, and architectures . The objective of acquiring the IA strategy is different from the document generated by the Risk Management Framework (RMF) or other authentication and authentication (C & A) process. Acquisition of the IA strategy is documented at the earliest stage of the acquisition lifecycle, written at a higher level, and the overall IA requirements and methodology of the program, including identification of appropriate certification and authentication processes .

The purchasing information assurance (IA) strategy is approved according to the Defense Acquisition Guide (DAG) based on the requirements of the Department of Defense Directive 5000.02, operation of the defense acquisition system, enclosure 4, and the enclosure detailed in Table 5.9.2T1 And submit it for review.

Acquisition of the IA strategy will make the C & A process a success by promoting the Project Manager (PM), Component CIO, and CIO CIO for key issues such as mission security category, confidentiality level, and applicable benchmark IA controls We have built a foundation. Choose the appropriate C & A procedure, assign the identities of accreditation bodies and certification bodies, and document the rough schedule of the C & A process. Acquisition of the IA strategy is an independent document. To obtain IA strategies to identify supplemental information or supplementary information, other important documents can be quoted, but to acquire the IA strategy, enough internal content to clearly convey the strategy to the reader It must be included.