May 18

TOPICS:

Awards (39)	Enterprise Architecture (58)	Information Sharing (92)	Performance Measurement (11)
Civil Liberties (17)	Enterprise Licensing Agreements (20)	IT Asset Management (46)	Personal Electronic Device (21)
Clinger-Cohen Act Compliance (23)	Enterprise Services (55)	IT Efficiencies (158)	Printing and Imaging (Copiers/MFDs) (15)
Cloud Computing (25)	Enterprise Software Initiative (45)	IT Expenditure Approval Authority (9)	Privacy (229)
Common Access Card (10)	FISMA (15)	IT Governance (59)	Public Key Infrastructure (20)
Critical Infrastructure Protection (14)	Forms/Reports (15)	IT Infrastructure (27)	Records Management (46)
Cybersecurity (273)	Freedom of Information Act (16)	IT Investment Management (105)	Section 508 (14)
Cyberspace/IT Workforce (88)	Functional Area Manager (8)	Knowledge Management (55)	Social Media (35)
DADMS/DITPR-DON (40)	GIG Standards (31)	Naval Enterprise Networks (68)	Spectrum (70)
Data at Rest (10)	Green IT (32)	Naval Networking Environment (19)	Statutory & Regulatory Compliance (25)
Data Center Consolidation (42)	Identity Management (114)	NGEN (23)	Telecommunications (101)
Data Strategy (31)	IM/IT Strategy (60)	NMCI (27)	Web 2.0 (30)
Department of the Navy CIO (48)	Information Assurance (74)	Open Source (4)	Wireless (75)
DIACAP (25)

Single Authoritative Source for DON Task Critical Assets

DoD Policy and Responsibilities for Critical Infrastructure

CIP Program for 2009 and Beyond

Defense Critical Infrastructure Program: DoD Mission-Based Critical Asset

Related News

National Preparedness Month Begins

CIP Current Events

Monitor Access to Mission Critical Facilities

Critical Infrastructure Protection Month

Related Resources

Critical Infrastructure Protection Web Resources

Related Industry News

Critical Infrastructure Protections Include Employee Information
American Forces Press Service

Pentagon Will Require Security Standards For Critical Infrastructure Networks
NextGov

Obama to Issue Cybersecurity Executive Order This Month
Computer World

DARPA Seeks to Build Attack-Resistant Secure Cloud
Government Computer News

DoD, DHS Working on One-Two Punch for Cybersecurity
Government Computer News

CIP Directives, Instructions, Guidance and Strategy

By DON CIO CIP Team - Published, June 2, 2011

This page provides a short description of and links to the major federal, Department of Defense and Department of the Navy Critical Infrastructure Protection directives, instructions, guidance and strategy.

Federal

Homeland Security Presidential Directive 7 (HSPD-7)
Critical Infrastructure Identification, Prioritization, and Protection

This directive establishes a national policy for federal departments and agencies to identify and prioritize United States critical infrastructure and key resources, and to protect them from terrorist attacks.

Department of Defense

DoD Directive 3020.40 of 14 Jan 10 (incorporating Change 1, July 1, 2010)
DoD Policy and Responsibilities for Critical Infrastructure

This directive establishes policy and assigns responsibilities for the execution of roles assigned to the Department of Defense pursuant to HSPD-7 and DoDD 5220.22, and ensures consistency with applicable provisions of the National Infrastructure Protection Plan and compliance with applicable provisions of part 29 of Title 6, Code of Federal Regulations.

DoD Instruction 3020.45 of 21 Apr 08
Defense Critical Infrastructure Program Management

This instruction implements and establishes policy to manage the identification, prioritization and assessment of defense critical infrastructure (DCI) as a comprehensive program. This program shall include the development of adaptive plans and procedures to mitigate risk, restore capability in the event of loss or degradation, support incident management, and protect DCI-related sensitive information.

DoD Manual 3020.45, Volume 1 of 24 Oct 08
Defense Critical Infrastructure Program: DoD Mission-Based Critical Asset Identification Process

This volume provides comprehensive procedures for implementation of a defense critical infrastructure (DCI) identification process across all the DoD components and defense infrastructure sectors using a mission-focused process that includes all DoD functions as described in DoDD 5100.1. All DCI assets will be designated as task critical assets, with a subset of this list being designated as defense critical assets.

DoD Manual 3020.45, Volume 2 of 28 Oct 08
Defense Critical Infrastructure Program (DCIP): DCIP Remediation Planning

This volume describes a process for DoD leaders, once risk has been assessed, to determine, plan, justify and implement remediation actions to reduce risk to defense critical infrastructure (DCI). The process documented in this volume ensures informed decisions are made to manage risk to DCI. Informed risk management decisions are important to ensure the availability of DCI while making efficient use of limited resources.

DoDM 3020.45, Volume 3 of 15 Feb11
Defense Critical Infrastructure Program (DCIP) Security Classification Manual

This volume provides guidance for the security classification of sensitive information, capabilities, methods, and activities associated with DCIP. It serves as the basis for classification, reclassification and declassification of all DCIP related information and materials under DoD cognizance and control.

This document is classified For Official Use Only. As such, it is a controlled document. To access it requires a DoD PKI certificate. Start the process at the DTIC directives website.

DoD Manual 3020.45, Volume 5 of 24 May 2010
Defense Critical Infrastructure Program (DCIP): Execution Timeline

This volume provides the bi-annual timeline for the coordination of DCIP activities and responsibilities within DoD.

DoD Instruction 3020.51 of 23 June 2011
Intelligence Support to the Defense Critical Infrastructure Program (DCIP)

This instruction establishes policy, assigns responsibilities and prescribes procedures for intelligence support to the DCIP.

Department of the Navy

SECNAVINST 3501.1B
Department of the Navy Critical Infrastructure Protection Program

This instruction provides policy and delineates specific responsibilities for implementing critical infrastructure protection in the Department of the Navy.

DON CIO Naval Message — SMADS
Single Authoritative Source for Department of the Navy Task Critical Assets (TCAs)

This Naval Message specifies that the Strategic Mission Assurance Data System (SMADS) is the single authoritative source of TCAs for the Department of the Navy. This will be incorporated into next version of SECNAVINST 3501.1C.

CIP Program for 2009 and Beyond

The Department of the Navy relies on a network of physical and cyber infrastructure so critical that its degradation, exploitation or destruction could have a debilitating effect on the DON's ability to project, support and sustain its forces and operations worldwide.

This critical infrastructure includes DON and non-DON domestic and foreign infrastructures essential to planning, mobilizing, deploying, executing and sustaining U.S. military operations on a global basis. This strategy defines the critical infrastructure protection risk management process, objectives for the future, and the path forward.

DON CIP Consequence Management Planning Guide

This online tool provides base commanders and installation owners assistance in developing plans to manage the consequences of disruptive events affecting their installations, with the goal of maintaining the continuity of their operations.

This supersedes the first edition and provides significantly more information on how to develop, write, and implement a consequence management plan. In addition, it better assists planners in identifying the mission essential functions that define their installation's critical contributions to the DON warfighting effort.

DON CIP Remediation Planning Guide

The DON CIP Remediation Planning Guide provides guidance to DON personnel involved in remediating vulnerabilities to assets determined to be mission critical to the warfighter.

This guide identifies and discusses specific actions that are essential to remediation strategy development and implementation. Navy and Marine Corps activities, installations, commands or units should use this information as a basis from which to develop their own specific remediation approach.

Additional Information

Please submit questions or suggestions to improve this page using the Ask an Expert form. Be sure to choose the CIP topic area.

To receive the latest CIP information, sign up for Info Alerts, which are emails sent out by the DON CIO to inform you of news related to DON information management and information technology. You may also subscribe to the CIP RSS feed.

TAGS: CIP

DON CIO Information

Online Services & Community

RSS Feeds	CHIPS Magazine
DON CIO Mobile Website	Other Government Sites
Website Accessibility	Suicide Prevention Lifeline
Report a PII Breach

SECNAV DON CIO • 1000 Navy Pentagon
Washington, DC 20350-1000

This is an official U.S. Navy website (DoD Resource Locator 45376) sponsored by the Department of the Navy Chief Information Officer (DON CIO). The purpose of this website is to facilitate effective information flow about information management/information technology and cybersecurity issues and initiatives occuring within the Department of the Navy.

Please read our Privacy Policy notice