CIP Directives, Instructions, Guidance and Strategy
By DON CIO CIP Team - Published, June 2, 2011
This page provides a short description of and links to the major federal, Department of Defense and Department of the Navy Critical Infrastructure Protection directives, instructions, guidance and strategy.
Homeland Security Presidential Directive 7 (HSPD-7)
Critical Infrastructure Identification, Prioritization, and Protection
This directive establishes a national policy for federal departments and agencies to identify and prioritize United States critical infrastructure and key resources, and to protect them from terrorist attacks.
Department of Defense
DoD Directive 3020.40 of 14 Jan 10 (incorporating Change 1, July 1, 2010)
DoD Policy and Responsibilities for Critical Infrastructure
This directive establishes policy and assigns responsibilities for the execution of roles assigned to the Department of Defense pursuant to HSPD-7 and DoDD 5220.22, and ensures consistency with applicable provisions of the National Infrastructure Protection Plan and compliance with applicable provisions of part 29 of Title 6, Code of Federal Regulations.
DoD Instruction 3020.45 of 21 Apr 08
Defense Critical Infrastructure Program Management
This instruction implements and establishes policy to manage the identification, prioritization and assessment of defense critical infrastructure (DCI) as a comprehensive program. This program shall include the development of adaptive plans and procedures to mitigate risk, restore capability in the event of loss or degradation, support incident management, and protect DCI-related sensitive information.
DoD Manual 3020.45, Volume 1 of 24 Oct 08
Defense Critical Infrastructure Program: DoD Mission-Based Critical Asset Identification Process
This volume provides comprehensive procedures for implementation of a defense critical infrastructure (DCI) identification process across all the DoD components and defense infrastructure sectors using a mission-focused process that includes all DoD functions as described in DoDD 5100.1. All DCI assets will be designated as task critical assets, with a subset of this list being designated as defense critical assets.
DoD Manual 3020.45, Volume 2 of 28 Oct 08
Defense Critical Infrastructure Program (DCIP): DCIP Remediation Planning
This volume describes a process for DoD leaders, once risk has been assessed, to determine, plan, justify and implement remediation actions to reduce risk to defense critical infrastructure (DCI). The process documented in this volume ensures informed decisions are made to manage risk to DCI. Informed risk management decisions are important to ensure the availability of DCI while making efficient use of limited resources.
DoDM 3020.45, Volume 3 of 15 Feb11
Defense Critical Infrastructure Program (DCIP) Security Classification Manual
This volume provides guidance for the security classification of sensitive information, capabilities, methods, and activities associated with DCIP. It serves as the basis for classification, reclassification and declassification of all DCIP related information and materials under DoD cognizance and control.
This document is classified For Official Use Only. As such, it is a controlled document. To access it requires a DoD PKI certificate. Start the process at the DTIC directives website.
DoD Manual 3020.45, Volume 5 of 24 May 2010
Defense Critical Infrastructure Program (DCIP): Execution Timeline
This volume provides the bi-annual timeline for the coordination of DCIP activities and responsibilities within DoD.
DoD Instruction 3020.51 of 23 June 2011
Intelligence Support to the Defense Critical Infrastructure Program (DCIP)
This instruction establishes policy, assigns responsibilities and prescribes procedures for intelligence support to the DCIP.
Department of the Navy
Department of the Navy Critical Infrastructure Protection Program
This instruction provides policy and delineates specific responsibilities for implementing critical infrastructure protection in the Department of the Navy.
DON CIO Naval Message — SMADS
Single Authoritative Source for Department of the Navy Task Critical Assets (TCAs)
This Naval Message specifies that the Strategic Mission Assurance Data System (SMADS) is the single authoritative source of TCAs for the Department of the Navy. This will be incorporated into next version of SECNAVINST 3501.1C.
CIP Program for 2009 and Beyond
The Department of the Navy relies on a network of physical and cyber infrastructure so critical that its degradation, exploitation or destruction could have a debilitating effect on the DON's ability to project, support and sustain its forces and operations worldwide.
This critical infrastructure includes DON and non-DON domestic and foreign infrastructures essential to planning, mobilizing, deploying, executing and sustaining U.S. military operations on a global basis. This strategy defines the critical infrastructure protection risk management process, objectives for the future, and the path forward.
DON CIP Consequence Management Planning Guide
This online tool provides base commanders and installation owners assistance in developing plans to manage the consequences of disruptive events affecting their installations, with the goal of maintaining the continuity of their operations.
This supersedes the first edition and provides significantly more information on how to develop, write, and implement a consequence management plan. In addition, it better assists planners in identifying the mission essential functions that define their installation's critical contributions to the DON warfighting effort.
DON CIP Remediation Planning Guide
The DON CIP Remediation Planning Guide provides guidance to DON personnel involved in remediating vulnerabilities to assets determined to be mission critical to the warfighter.
This guide identifies and discusses specific actions that are essential to remediation strategy development and implementation. Navy and Marine Corps activities, installations, commands or units should use this information as a basis from which to develop their own specific remediation approach.
Please submit questions or suggestions to improve this page using the Ask an Expert form. Be sure to choose the CIP topic area.
To receive the latest CIP information, sign up for Info Alerts, which are emails sent out by the DON CIO to inform you of news related to DON information management and information technology. You may also subscribe to the CIP RSS feed.