Apr 23

Industry News

Spreading the Word About Cybersecurity

Federal Computer Week - May 15, 2013

Cyber Threat Top Concern for NATO

Voice of America - May 13, 2013

DHS Strikes Deal to Improve USB Drive Security

Government Computer News - April 1, 2013

Next-Generation Firewalls Are Actually Getting Better

Government Computer News - March 20, 2013

Big Data Is All Around Us

Federal Computer Week - March 12, 2013

Editorial: The U.S. is Not Ready for a Cyberwar

Washington Post - March 11, 2013

Cyber Threats of 2013: Look Back, Not Forward

Government Computer News - January 2, 2013

Navy’s CANES Program Achieves Key Milestone

SEAPOWER Magazine Online - December 18, 2012

Is Navy's New Drone The First Real Military Robot?

Government Computer News - December 11, 2012

2012: The Year in Cybersecurity

Federal Computer Week - December 5, 2012

Continuous Monitoring: A Piece of the IT Security Puzzle

Government Computer News - November 16, 2012

Latest Cybersecurity Bill Failure Returns Focus to Executive Order

Federal Computer Week - November 15, 2012

Navy Makes Intell, Cyber Personnel Moves

Federal Computer Week - November 15, 2012

New Rules For Cyber Warfare Put The Military On The Offense

Federal Computer Week - November 14, 2012

Sea Change

FP National Security - November 14, 2012

Election's End Revives Hope for Cybersecurity Action

Federal Computer Week - November 8, 2012

5 Tech Priorities For The New Administration

Government Computer News - November 6, 2012

Army Ramps Up Cybersecurity Skills Training

Army Times - November 1, 2012

Cyber Rules of Engagement Still Unfinished

Federal Computer Week - November 1, 2012

Proactive, Continuous Monitoring Key to Thwarting Cyber Crime

Government Computer News - October 29, 2012

Cyber Dominance Meaningless Without Skilled Workforce

Federal News Radio - October 24, 2012

Cyber Insecurity: Managing Against the Risk

Federal Computer Week - October 23, 2012

NIST Seeks Partners for Cybersecurity Challenges

Federal Computer Week - October 19, 2012

Cyber: The Navy's Newest Warfighting Imperative

The Atlantic Council NATO Source - October 18, 2012

Panetta Gives A Peek At Some New Cyber Capabilities

Aviation Week - October 12, 2012

Official Reaffirms DoD Commitment to Cybersecurity

U.S. Department of Defense - September 25, 2012

Cybersecurity Requires Trust, Training and Teamwork

Signal Magazine - August 15, 2012

Navy Launches $50M Research Fund for Small Business

Washington Technology - July 23, 2012

DoD to Expand Public-Private Cybersecurity Project

Federal Computer Week - April 25, 2012

Cybersecurity, Marine Corps Style

Signal Magazine - March 1, 2012

Cybersecurity Research Gets Boost in 2013 Budget Request

Government Computer News - February 14, 2012

3 Resolutions You Can Make for Better Security in 2012

Government Computer News - December 23, 2011

Cyber Threat Clearinghouse Key to National Security

Federal Computer Week - December 9, 2011

Obama Issues 'WikiLeaks Order' to Protect Classified Nets

Government Computer News - October 7, 2011

DHS, DoD Team to Protect U.S. Cyberspace

Government Computer News - July 18, 2011

DoD's 5-Point Cyber Plan Sees Internet as an 'Operational Zone'

Government Computer News - July 14, 2011

Cloud Security Fears Outweigh Savings, But Perhaps Not For Long

Government Computer News - July 8, 2011

Found Thumb Drives: Another Way Employees Are a Security Menace

Government Computer News - June 30, 2011

Navy: Faster Acquisition Key to Cyber Defense

Federal Computer Week - June 28, 2011

In The Cloud, Security is Easy, Perfection is Impossible

Government Computer News - June 22, 2011

Agencies Get a Tool For Measuring Their Security

Government Computer News - June 6, 2011

Will Phishing Kill Email as we Know it?

Government Computer News - June 6, 2011

Cyber Plan Gives DHS The Keys

Federal Computer Week - May 19, 2011

'Secure' Flash Drives Need to Take it to the Next Level

Government Computer News - April 21, 2011

New Cyber Threats Put Government in The Cross Hairs

Government Computer News - April 11, 2011

Agencies Share Best Practices on Social Media Records

Federal Computer Week - April 1, 2011

With New FISMA Rules, Security Progress can be Measured

Government Computer News - March 25, 2011

Navy Adds Cybersecurity Academy Requirements

Information Week - March 8, 2011

Will Feds Trust Nonfederal ID Card?

Government Computer News - February 4, 2011

NASA Lab: Cloud is Safe for Mission-Critical Data

Government Computer News - December 15, 2010

GSA Employee's Error Exposes Staff to Potential Identity Theft

Government Computer News - November 8, 2010

9 Key Cybersecurity Roles for Government

GovInfoSecurity.com - July 20, 2010

OMB Ends Federal Agency Decade-Long Cookie Ban

GovInfoSecurity.com - June 28, 2010

Information Assurance

CHIPS Articles: 7   News: 13   Policy: 30   Resources: 24   All: 74
Sort by Date | Title


Policy

DON CIO Acquisition Information Assurance Strategy Guidance

DON CIO Guidance - October 10, 2012

The Department of the Navy Chief Information Officer Acquisition Information Assurance Strategy (AIAS) Guidance has been updated to conform to the latest Department of Defense guidance for submission of AIAS's to support the Clinger-Cohen Act and SECNAVINST 5000.2E. This document provides guidance on development and submission of the AIAS to support system acquisition.

Cyberspace/IT Workforce Continuous Learning

SECNAVINST 1543.2 - December 19, 2012

The purpose of this instruction is to establish policy and procedures for Department of the Navy cyberspace/information technology(IT) workforce (WF) professional development through a continuous learning program (CLP). The CLP requires 40 hours per year of education, training, certification and other activities that support the sustainment and continued improvement of the capabilities of the DON Cyberspace/IT WF.

Guidance for Cybersecurity Workforce Operating System/Computing Environment Certification Compliance Process

DON CIO Memo - February 9, 2012

This memo details new ways to satisfy operating system/computing environment certification requirements for the Cybersecurity Workforce.

DON Cyber Range Policy Guidance

DON CIO Memo - February 10, 2012

This memo formally establishes Department of the Navy Cyber Range guidance. The Cyber Range provides an operationally realistic environment to support exercises, training, testing and evaluation with no risk to operational networks.

DITPR-DON Process Guidance v1.0

DON Guidance - December 8, 2011

The Department of Defense Information Technology Portfolio Repository-Department of the Navy (DITPR-DON) process guidance document provides a comprehensive discussion of core DITPR-DON functionality and basic lifecycle transactions. This information will enable all users to gain the understanding necessary to perform the basic IT asset management functions of registering, transferring and archiving DON IT systems within ...

Acceptable Use Policy for DON IT Resources

DTG 031648Z Oct 11 - October 4, 2011

This message outlines acceptable use standards when using Department of the Navy information technology resources for official and authorized unofficial purposes.

Guidance for Civilian Cybersecurity/Information Assurance Workforce Commercial Certification Compliance Process

DON CIO Memo - March 16, 2011

This memo provides additional guidance for the commercial certification compliance process and corrective actions for civilian personnel who fail to meet DON Information Assurance Workforce Improvement Program requirements.

Department of the Navy Social Security Number Reduction Plan for Forms Phase One

MARADMIN 646/10: 181512Z Nov 10 - November 19, 2010

Widespread use of the Social Security number has reached unacceptable levels and requires a Department-wide effort to eliminate or reduce the collection, use, display and storage of this sensitive data element. As a result, the commandant of the Marine Corps is initiating procedures for a review of all official and non-official forms that collect SSNs. This MARADMIN provides the process that will be used to conduct this ...

DoD and DON Privacy Impact Assessment Guidance

DON CIO Memo - November 19, 2010

The Privacy Impact Assessment (PIA) is a tool for assessing privacy risks in an information technology system. Federal and Department of Defense guidance regarding PIAs helps ensure that personally identifiable information (PII) in electronic form is only collected, maintained and disseminated when necessary, and that the supporting IT systems being developed and used protect and preserve the privacy of the American ...

Updated Plan to Remove Social Security Numbers from DoD Identification Cards

Under Secretary of Defense Memo - November 10, 2010

This memo cancels the Jan. 28, 2009, memo, "Business Practice Changes to Allow the Removal of Social Security Numbers from DoD Identification (ID) Cards," which established a timeline for truncation and removal of the visible Social Security numbers (SSN) on all ID cards. The memo addresses concerns raised by DoD stakeholders about potential adverse impacts that may occur if the SSN is truncated or removed as ...

DoD Acceptance and Use of Personal Identity Verification-Interoperable (PIV-I) Credentials

DoD CIO Memo - October 27, 2010

This Department of Defense Deputy Chief Information Officer memorandum establishes the DoD's position on acceptance and use of qualified Personal Identity Verification Interoperable (PIV-I) credentials for access to DoD logical and physical resources. Where appropriate, DoD relying parties (e.g., DoD installation commanders or information systems owners) should accept electronically validated PIV-I credentials for ...

Code of Federal Regulations (32 CFR Part 701)

Availability of DON Records and Publication of DON Documents Affecting the Public - September 8, 2010

Subparts A, B, C and D of 32 CFR Part 701 issue policies and procedures for implementing the Freedom of Information Act (FOIA) (5 U.S.C. 552) and Department of Defense Directive 5400.7–R series (the DoD FOIA Program),

DON Electronic Signature Policy

SECNAVINST 5239.21 - August 30, 2010

This policy establishes electronic signature policy for the Department of the Navy consistent with Federal and Department of Defense legislation and policies. This policy is not a mandate to replace handwritten signatures with electronic signatures but rather is a policy to adopt electronic signatures as the preferred means of conducting business transactions within the DON.

Safeguarding Classified National Security Information

DTG 192014Z AUG 10 - August 23, 2010

The purpose of this Naval message is to reinforce how personnel store and distribute national security information (NSI), as well as to remind personnel of their responsibility to safeguard NSI commensurate with level of classification until the information is declassified by the appropriate original classification authority.

DON Social Security Number Reduction Plan for Forms Phase One

192101Z JUL 10 DON CIO Washington DC - July 20, 2010

Widespread use of the Social Security number has reached unacceptable levels and requires a Department-wide effort to eliminate or reduce the collection, use, display and storage of this sensitive data element. As a result, the Chief of Naval Operations, Commandant of the Marine Corps and Department of the Navy Chief Information Officer are initiating procedures for a review of all official and non-official forms that ...

Information Assurance Policy Update for Platform Information Technology

DON CIO Memo 02-10 - February 6, 2009

The purpose of this memo is to update the Department of the Navy Information Assurance (IA) Platform Information Technology (PIT) policy. DON Platform IT is a concept for risk management and approval of DON IT systems that do not interconnect with Department of Defense networks and the Global Information Grid. The DON PIT policy stresses that IA requirements still apply to PIT systems and provides guidance to PIT policy ...

Safeguarding Personally Identifiable Information (PII)

NAVADMIN 125/10 - September 30, 2010

The Under Secretary of the Navy issued the memo "Safeguarding Personally Identifiable Information" in February 2010 emphasizing the importance he places on personal privacy and the safe management of Department of the Navy's personally identifiable information (PII). His intention was to make eradicating further PII breaches a Departmental priority. As a result, the Vice Chief of Naval Operations release

Safeguarding Personally Identifiable Information

MARADMIN 162/10 - September 30, 2010

The Under Secretary of the Navy issued the memo "Safeguarding Personally Identifiable Information" in February 2010 emphasizing the importance he places on personal privacy and the safe management of the Department of the Navy's personally identifiable information (PII). His intention was to make eradicating further PII breaches a Departmental priority. As a result, MajGen George Allen, DON Deputy CIO (M

Designation of DON Senior Information Assurance Officer

DON CIO Memo - January 22, 2010

The Department of the Navy Chief Information Officer has released a memorandum designating the DON Principal Deputy CIO as the DON Senior Information Assurance Officer (SIAO). The DON SIAO responsibilities include facilitating alignment and consistent application of information management, information technology, and information assurance policies, processes, responsibilities, and procedures across the Department. ...

DON Information Assurance Policy

SECNAVINST 5239.3B - June 25, 2009

This instruction establishes information assurance (IA) policy for the Department of the Navy consistent with national and Department of Defense (DoD) policies. It also designates the DON Chief Information Officer as the DON official assigned responsibility and delegated authority in order to ensure Federal, DoD and DON IA requirements are carried out within the Department of the Navy.

DON Information Assurance Workforce Manual

SECNAV M-5239.2 - June 8, 2009

This manual is intended to serve as a high-level policy for Information Assurance Workforce (IAWF) management and is effective immediately. It describes DON IAWF management plans and provides direction for implementation of DoD Directive 8570.1 and DoD 8570.01-M. It also establishes DON IAWF oversight and management reporting requirements, as well as IA awareness requirements for information system users.

DON Information Assurance and Certification & Accreditation Concept of Operations

DON CIO Memo - May 26, 2009

This memo provides guidance for the interactions among the Service Certifying Authorities (CAs), Service Designated Accrediting Authorities (DAAs), and the DON Senior Information Assurance Officer (SIAO). These interactions are based on the business rules stated in the Dec. 18, 2008, memorandum, Senior Information Assurance Officer Alignment and Responsibilities for Information Assurance and Certification and Accredi

DON Information Assurance Workforce Management Oversight & Compliance Council Charter

DON Charter - April 9, 2009

This charter establishes the DON Information Assurance Workforce Management Oversight and Compliance Council (IAWF MOCC). The IAWF MOCC will provide DON-wide oversight of, and ensure compliance with, the IAWF improvement program. The IAWF MOCC will oversee development of IAWF education, training and certification standards.

Senior Information Assurance Officer Alignment and Responsibilities for Information Assurance and Certification and Accreditation Processes

DON CIO Memo - December 19, 2008

This memo aligns Senior Information Assurance Officer responsibilities for the Department of the Navy with requirements in the DoD Information Assurance Certification and Accreditation Process (DIACAP) Instruction 8510.01.

Department of the Navy DoD Information Assurance Certification and Accreditation Process Handbook

DON Handbook - July 21, 2008

The Department of the Navy DoD Information Assurance Certification and Accreditation Process (DIACAP) Handbook details the baseline DON approach to the DIACAP and the procedures necessary to obtain an accreditation decision for DON information systems undergoing the C&A actions as required under Federal law, and DoD and DON regulations and directives. In addition to this handbook, service unique guidance will be ...

Roles and Responsibilities of the DON Deputy Senior Information Assurance Officer for Computer Network Defense

DON CIO Memo - January 17, 2008

This memo establishes the roles and responsibilities of the Department of the Navy Deputy Senior Information Assurance Officer for Computer Network Defense (DON Deputy SIAO for CND). The DON Chief Information Officer Information Assurance and Network Security Team Lead has been named the DON Deputy SIAO for CND and will report to the DON SIAO.

Recall Rosters

CNO Memo - August 18, 2010

This memo provides guidance regarding the use of recall rosters for the management of personnel and addresses what personal information may be included.

DON Information Assurance Manual

SECNAV M-5239.1 - August 5, 2008

This manual implements the policy set forth in SECNAVINST 5239.3B: Department of the Navy Information Assurance Policy and is issued under the authority of SECNAVINST 5430.7N: Assignment of Responsibilities and Authorities in the Office of the Secretary of the Navy. It is intended to serve as a high-level introduction to information assurance and IA principles. It discusses common IA controls and associated requirements ...

Instructions on Complying with President's Memorandum of May 14, 1998: "Privacy and Personal Information in Federal Records"

OMB M-99-05 - September 9, 2010

This memorandum provides instructions to agencies on how to comply with the President's Memorandum of May 14, 1998, on "Privacy and Personal Information in Federal Records." In his memo, the president directed Federal agencies to review their current information practices and ensure that they are being conducted in accordance with privacy law and policy. The president also directed the Office of Mangaement and Budget to ...

Privacy Act of 1974

5 U.S.C. 552a - September 9, 2010

The Privacy Act of 1974, 5 U.S.C. § 552a, establishes a code of fair information practices that governs the collection, maintenance, use and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. A system of records is a group of records under the control of an agency from which information is retrieved by the name of the individual or by some ...

News

Information Assurance Workforce Baseline Certification Update

April 24, 2013

This alert provides notice of changes to the Department of Defense (DoD) 8570.01 Manual, "Information Assurance Workforce Improvement Program" baseline certifications. One certification has been added and two have been removed from the list.

Stay Safe Online During the Holidays

November 19, 2012

The upcoming Thanksgiving holiday marks the beginning of the annual holiday shopping season. Every year, more people turn to the Internet as a way to find bargains and conveniently fulfill their shopping list. Before you start your holiday shopping, remember to make sure security measures are in place and you understand the consequences of your actions and behaviors to safely enjoy the benefits of the Internet.

Information Assurance Scholarship Program

December 31, 2007

The Information Assurance Scholarship Program (IASP), authorized by Chapter 112 Title 10 United States Code, is designed to increase the number of qualified personnel entering the information assurance (IA) and information technology fields within the Department. It also serves as a mechanism to strengthen the IA infrastructure through grants, while assisting the Department in addressing emerging IA/IT issues, and as a ...

Certification & Accreditation Transformation

by Jennifer M. Ellett - October 26, 2011

Certification and accreditation (C&A) transformation is an initiative to align processes, terminology and frameworks for assessing information security risk across all federal agencies, including the defense and intelligence communities. This effort will provide efficiencies, standardization and support to reciprocity.

DON Digital Signature and Encryption Policy for Emails Containing PII

by DON CIO Privacy Team - July 14, 2011

The purpose of this tip is to reinforce existing DON policy regarding digitally signing and encrypting emails that contain personally identifiable information (PII).

DON to Migrate to Use of Stronger Cryptographic Algorithms

July 7, 2011

The Department of the Navy Chief Information Officer released guidance directing the Department's migration to the use of a stronger cryptographic hash algorithm in data security authentication procedures such as CAC logon and digital signatures.

Steps For Military Personnel to Take to Defend Against ID Theft

by DON Privacy Team - March 8, 2011

Identity theft is a constant and evolving threat for all citizens and can be of particular concern for those on military deployment and their families. It is a serious crime that occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes.

Rules for Handling PII by DON Contractor Support Personnel

by the DON Privacy Team - March 8, 2011

The following Privacy Tip provides existing policy guidance and best business practices for contract support personnel who handle personally identifiable information. Office of the Secretary of Defense Memo dated June 05, 2009, "Safeguarding Against and Responding to the Breach of Personally Identifiable Information (PII)" and SECNAV INST 5211.5E: "SECNAV Privacy Program" apply.

SSNs to be Removed from Government ID Cards

by the DON CIO Privacy Team - January 31, 2011

This Privacy Tip provides answers to frequently asked questions regarding upcoming changes to the Department of Defense identification cards. The questions and answers below were reproduced from a recent DoD memo. Changes include the removal of both the sponsor and dependent Social Security number (SSN), the addition of a DoD benefits number for DoD beneficiaries, and the removal of the SSN in the card bar codes. The DoD ...

Elements of a Good Privacy Program (Part Two)

by DON CIO Privacy Team - October 27, 2010

This is part two of Elements of a Good Privacy Program and serves as a best practices guide to help Department of the Navy commands/units implement and sustain privacy awareness and better safeguard personally identifiable information within their control.

DoD Memo on PIV-I Credentials Released

October 29, 2010

The Department of Defense Deputy Chief Information Officer recently published a memo for Department-wide distribution on DoD acceptance and use of qualified Personal Identity Verification-Interoperable (PIV-I) credentials for access to DoD logical and physical resources.

DON Electronic Signature Policy Released

August 30, 2010

The Department of the Navy Chief Information Officer has signed out SECNAVINST 5239.21: "Department of the Navy Electronic Signature Policy," making electronic signatures the preferred means of conducting business transactions within the Department.

Top 10 PII Lessons Learned

by DON CIO Privacy Team - July 9, 2010

When a Department of the Navy activity reports a personally identifiable information breach, it must include lessons learned in an after-action report. Lessons learned are an important feedback mechanism and are used to shape future DON privacy policy. The following information is a compilation of the most frequently reported lessons learned.

CHIPS Magazine

ONI Celebrates 132nd Anniversary

by Brian Seraile, ONI Corporate Communications Office - Web Only 0 - April 10, 2014

Capt. Gene Costello and Capt. Douglas Powers

by CHIPS Magazine - April-June 2014 - April-June 2014

Commander, Naval Network Warfare Command and Commanding Officer, Navy Cyber Defense Operations Command Talk Cybersecurity and the Insider Threat

Rogers Takes Over Top NSA, Cyber Command Posts

by Jim Garamone, American Forces Press Service - April-June 2014 - April-June 2014

Information Assurance Scholarship Program

by Jennifer Harper - July-September 2013 - July-September 2013

Scholarships available to DoD military and civilian personnel

New Department of the Navy IT Policies Signed

by DON Enterprise IT Policy and Communications Team - April-June 2013 - April-June 2013

Robert J. Carey

by CHIPS Magazine - October-December 2012 - October-December 2012

Department of Defense Principal Deputy Chief Information Officer

ONR Opens a Gateway to Improved Network Data Sharing on Navy Ships

by Office of Naval Research Corporate Strategic Communications - Web Only 0 - July 23, 2012

Resources

Workforce Competency and Career Planning

September 13, 2012

This toolkit assists individuals in developing, tracking, and managing their careers and facilitates competency management for the information management/information technology and knowledge management (KM) professional at the organizational level.

Publically Accessible Website Privacy Resources (including Official DON Social Networking Sites)

by DON CIO Privacy Team - October 18, 2010

The World Wide Web is specifically designed to be open and accessible to a global audience. While this global accessibility makes the web a powerful public information tool and enhances productivity in the conduct of daily business, it also presents a potential risk to Department of the Navy personnel, assets and operations if inappropriate information is published on DON websites. Threats to the security of Navy and ...

SSN Reduction Plan Resources

August 25, 2010

The following resources are provided to help implement the Department of the Navy's Social Security Number Reduction Plan.

SSN Reduction Frequently Asked Questions

March 3, 2011

On Nov. 5, 2010, the Under Secretary of Defense for Personnel & Readiness (USD(P&R)) signed a memorandum announcing the removal of printed Social Security numbers on all Department of Defense identification cards. By the end of May 2011 and beyond, all DoD ID cards issued will display a new number, called the DoD identification number (also known as the EDI-PI). In addition to the DoD ID number, individuals entitled to ...

Fair Information Practices

by DON CIO Privacy Team - October 12, 2010

The Privacy Act of 1974 is largely based on a set of internationally recognized principles for protecting the privacy and security of personal information known as the Fair Information Practices. A U.S. government advisory committee first proposed the practices in 1973 to address what it termed a poor level of protection afforded to privacy under contemporary law. The Organization for Economic Cooperation and Development ...

Guidelines for Establishing a New Privacy Act System of Records Notice

by DON CIO Privacy Team - September 22, 2010

All Privacy Act system of records notice (SORN) actions are transmitted electronically to the Chief of Naval Operations, Department of Defense and the Federal Register, because this method is both time and cost effective. Since DoD uses special software to transmit the text to the Federal Register, please do not indent, underline, bold, double-space or center the text. All new systems require a "Narrative Statement on ...

Identifying Privacy Act Systems of Records You May Be Using

by DON CIO Privacy Team - September 22, 2010

A Privacy Act (PA) system of records notice is the authority that allows you to collect, maintain and disseminate information that is retrieved by an individual's name and personal identifier. Because many activities maintain similar types of records, we have written generic or "umbrella" PA systems of records notices to cover activities that require collection of those types of records.

How to Obtain Copies of Military Personnel Records

by DON CIO Privacy Team - September 15, 2010

The following processes are provided for active duty military members, former military members, family members, and other individuals wishing to obtain copies of military personnel records.

Privacy Act Exemptions

by DON CIO Privacy Team - September 15, 2010

The attachment is a copy of the Code of Federal Regulations, Title 32, Volume 5, Revised as of July 1, 2008 (32 CFR 701.128), "Privacy Act Exemptions for Specific Navy Record Systems."

Sample Checklist for Conducting Privacy Act Assessment/Staff Visits

by DON CIO Privacy Team - September 16, 2010

The following checklist is provided for use by Privacy Act coordinators and should be tailored to a command's specific needs.

DoD Privacy Program Resources

by DON CIO Privacy Team - September 14, 2010

The Defense Privacy Program homepage provides resources related to the Privacy Program, Privacy Impact Assessments and the Freedom of Information Act.

Instructions for Using WinZip to Encrypt Files

by DON CIO Privacy Team - September 14, 2010

The attachment below provides step-by-step instructions to encrypt files using WinZip.

Other Privacy Act Resources

by DON CIO Privacy Team - September 13, 2010

The following additional resources are provided:

Overview of the Privacy Act of 1974 (2010 Edition)

by DON CIO Privacy Team - September 9, 2010

The "Overview of the Privacy Act of 1974," prepared by the Department of Justice's Office of Privacy and Civil Liberties (OPCL), is a discussion of the Privacy Act's disclosure prohibition, its access and amendment provisions, and its agency recordkeeping requirements.

PEO EIS Portal Procedures for Safeguarding PII

September 14, 2010

Best Practices for use with Command Shared Drives and Web Portals The attachment below is the Program Executive Officer, Enterprise Information Systems (PEO EIS) Portal Procedures for Safeguarding Personally Identifiable Information (PII) and should be used as a best practice. The Department of the Navy has experienced numerous breaches across the enterprise in which PII was improperly posted to shared drives and web ...

Privacy Act Desk Reference Guide

by DON CIO Privacy Team - September 15, 2010

What is the Privacy Act? The Privacy Act (PA) pertains to records the Department of the Navy is maintaining about you. More than 150 types of PA System of Records Notices (SORNs) have been identified that allow the DON to collect, maintain, use and disseminate information about individuals affiliated with the Department. View a complete list of approved systems.

Privacy-Related OMB Memoranda

by DON CIO Privacy Team - September 14, 2010

The following list of Office of Management and Budget memoranda pertains to privacy and is provided to assist personnel as they conduct their daily privacy-related functions.

Disclosure Accounting Form (OPNAV 5211/9 (MAR 1992))

September 9, 2010

Disclosure accounting allows an individual to determine what agencies or persons have been provided information from the system of records about them, enables Department of the Navy activities to advise prior recipients of the system of records of any subsequent amendments or statements of dispute concerning the system of records, and provides an audit trail of the DON's compliance with the Privacy Act of 1974.

General Purpose Privacy Act Statement (OPNAV FORM 5211/12)

September 13, 2010

When an individual is requested to furnish personally identifiable information for possible inclusion in a system of records, a Privacy Act Statement (PAS) must be provided to the individual, regardless of the method used to collect the information (e.g., forms, personal, telephonic interview, IT system, etc). If the information requested will not be included in a system of records, a PAS is not required.

Department of Defense SORN Training Materials

by DON CIO Privacy Team - August 23, 2010

The two documents attached below were provided by the Defense Privacy and Civil Liberties Office. One is a presentation on System of Records Notices (SORNs), and the other is an example of a Navy SORN.

Methods for Hard Drive/Disk Destruction

by DON CIO Privacy Team - August 3, 2010

The following guidelines are provided for the proper destruction of Department of the Navy hard drives.

Approved Use Cases for Systems Collecting SSNs

by DON CIO Privacy Team - July 9, 2010

The following is a list of 12 approved use cases for systems requesting the use of Social Security numbers.

Information Assurance Workforce Frequently Asked Questions

September 9, 2009

The following is a list of questions that are frequently asked of the Department of the Navy Chief Information Officer Information Technology Workforce Team for compliance with: DoD Directive 8570.1 of 15 Aug 2004, Information Assurance Training, Certification, and Workforce Management

Information Assurance Workforce

April 2, 2008

The information assurance workforce is key to assuring the Department of the Navy has adequate security measures to protect and defend its information and information systems. With the increasing threat evidenced by the hundreds of daily attempts to breach the Department’s computer networks, equipping an IA workforce that is educated and trained to meet these challenges is an imperative. Throughout government, efforts ...