A recently issued Defense Department directive, DoDD 5144.02, clarifies the many responsibilities of the DoD Chief Information Officer and other officials who establish cybersecurity policy within the department.
The directive, issued Nov. 21, and signed by Deputy Defense Secretary Robert Work, designates the DoD CIO, as a Principal Staff Assistant (PSA) reporting directly to the Secretary of Defense, to establish DoD policy in DoD issuances within the responsibilities, functions, and authorities assigned in the directive, in accordance with DoD Instruction (DoDI) 5025.01.
The directive states that as the PSA, the DoD CIO is the senior advisor to the Secretary of Defense for information technology (IT) (including national security systems and defense business systems), information resources management (IRM) and efficiencies. The DoD CIO is responsible for all matters relating to the DoD information enterprise, including communications; spectrum management; network policy and standards; information systems; cybersecurity; positioning, navigation, and timing (PNT) policy; and the DoD information enterprise that supports DoD command and control (C2).
The directive authorizes the DoD CIO, in consultation and coordination with the Under Secretary of Defense for Intelligence, to issue policy guidance to the Director, National Security Agency/Chief, Central Security Service (DIRNSA/CHCSS), regarding network operations and cybersecurity matters.
The directive charges the CIO, in cooperation with the Under Secretary of Defense (Comptroller)/Chief Financial Officer of the Department of Defense (USD(C)/CFO), to develop a full and accurate accounting of DoD IT expenditures, related expenses, and performance metrics.
The directive also designates the DoD CIO as co-chair of the Defense Business Council.
Please refer to the directive for complete information: DoDD 5144.02, Nov. 21, 2014 - http://www.dtic.mil/whs/directives/corres/pdf/514402p.pdf
For more information about the DoD CIO, please visit: http://dodcio.defense.gov/