Information Technology Management: DoD Organization Information Assurance Management of Information Technology Goods and Services Acquired Through Interagency Agreements

Abstract

Chief information officers within DoD and individuals responsible for DoD Component information assurance should read this report because it contains information on properly securing information technology goods and services purchased through interagency agreements. Many Federal agencies, including DoD, are now making greater use of interagency agreements to improve the Government s aggregate buying power and simplify the procurement process. The information technology goods and services purchased through these agreements do not stand alone, but instead are part of the seamless web of communications networks, computers, software, databases, applications, security services, and other capabilities used by DoD. As a result, information assurance is an important aspect of any DoD information system, no matter how the system components or services are acquired, whether through traditional acquisitions or interagency agreements. DoD Components are required to implement and maintain adequate security programs that include the minimum information assurance controls outlined in DoD Instruction 8500.2, Information Assurance (IA) Implementation, February 6, 2003, for all DoD information systems. Army, Navy, and Air Force chief information officers rely on subordinate command chief information officers to follow this guidance for all information systems, including those acquired through interagency agreements. Additionally, the National Institute of Standards and Technology Special Publication 800-12, An Introduction to Computer Security, October 1995, recommends monitoring procedures for tracking user activity on DoD systems and networks.

Document Details

Document Type

Technical Report

Publication Date

Feb 23, 2006

Accession Number

ADA471955

Entities

Tags