CHIPS Articles: Designation of DON Deputy CIOs
Designation of DON Deputy CIOs
The Acting Secretary of the Navy issued a memo April 30, designating the Department of the Navy Deputy Chief Information Officers and their responsibilities.
This memo designates the positions of the Deputy Chief of Naval Operations for Information Warfare/Director of Naval Intelligence (DCNO N2/N6) and the Deputy Commandant for Information (DCI) to serve in an additional duty capacity as the Department of the Navy Deputy Chief Information Officer (Navy) (DON Deputy CIO (Navy)) and the Department of the Navy Deputy Chief Information Officer (Marine Corps) (DON Deputy CIO (Marine Corps)), respectively.
Within the DON, the title "Chief Information Officer" shall only be used by the DON CIO and the two Service DON Deputy CIOs. Otherwise, all commands and activities that have utilized the "CIO" acronym to reference their command information officers shall refrain from calling them "chief' information officers. Instead, those occupying such positions shall be named and referenced throughout the DON as "command" information officers, which shall be abbreviated as "command IO" or "IO" rather than "CIO".
In performing the duties of the DCNO N2/N6 and the DCI, each incumbent continues to report through their respective Service's chain of command to the Chief of Naval Operations or to the Commandant of the Marine Corps.
To maximize the Department's overall effectiveness and agility as an integrated warfighting team, the DON Deputy CIO (Navy) and the DON Deputy CIO (Marine Corps) will also perform such duties and responsibilities as designated and/or delegated by the Department of the Navy Chieflnformation Officer (DON CIO) in direct support of their respective Service's mission and within the bounds and authorities of references (c) through (h).
- UNSECNA V memo, "Organizational Realignments and Designation as the
Department of the Navy Deputy Chieflnformation Officer (Navy) and the
Department of the Navy Deputy Chieflnformation Officer (Marine Corps)," of
11 May 2011
- UNSECNA V memo "Restructure of the Secretariat Functions" of 16 March
- SECNAVINST 5430.7R
- 40 U.S.C., Chapter 113
- 44 U.S.C., Chapters 35 and 36
- SECNA VINST 3052.2
- DoDD 8000.01, Management of the DoD Information Enterprise, of 17 March 2016
- DoDI 8510.01, Risk Management Framework for DoD IT, of 12 March 2014
- 10 U.S.C. §8014
In accordance with reference (h), the DON Deputy CIO (Navy) and the DON Deputy CIO (Marine Corps) will carry out these duties and responsibilities under
the direction of, and in coordination with, the DON CIO. In their capacity as DON Deputy CIO (Navy) and the DON Deputy CIO (Marine Corps), the incumbents will: In their capacity as DON Deputy CIO (Navy) and the DON Deputy CIO (Marine Corps), the incumbents will:
- Represent and speak on behalf of all U.S. Navy (Navy) or U.S. Marine Corps
(USMC) information management, information technology, and information resources
management (IM/IT/IRM) resource sponsors and stakeholders.
- Provide oversight of their respective DON Deputy Senior Information Security
Officer (SISO) in the direction and coordination of their Service's cybersecurity program
maintaining information security policies.
- Review Service requests for authorizations to operate systems with a level of risk of
"Very High" or "High." Upon determination that such authorization is required, submit written recommendations to the DON CIO for final approval as required by reference (g).
- Coordinate implementation plans based on strategic guidance from DON CIO.
- Collect and report cybersecurity metrics to support the DON CIO's statutory oversight requirements and reporting to the DoD, the Office of the Secretary of Defense, and Congress.
- Ensure compliance with information security policies, including but not limited to cybersecurity, risk management framework, and privacy policies.
- Develop and maintain Service-level information security policies, procedures, and control techniques to include training and oversight of personnel with significant responsibilities for information security. The Navy will serve as agent of DON, in concurrence with the USMC, for the development DON cyber workforce policy and guidance, subject to DON CIO approval.
- Develop and maintain enterprise architecture ensuring compliance with Federal and DoD interoperability standards. Ensure Service-related IT/cyber investment decisions and programs support DoD and DON IM/IT/IRM policies, strategies, and objectives.
- Coordinate with the DON Chief Technology Officer, acquisition community and systems commands to identify opportunities for consolidation and centralization of IM/IT
services (i.e., help desk), applications (i.e. HR applications, contracting and applications that perform similar functions) and programs (i.e. aircraft maintenance, ledgers) across the DON.
- Support the DON CIO in establishing a method of continuous process improvement, and ensure the development and employment of common tools, architectures, and infrastructures across both the Navy and the USMC wherever possible.
- Ensure cybersecurity requirements are addressed during the lifecycle of all DON IT systems. Cybersecurity requirements will be identified and included throughout the lifecycle of systems including design, development, developmental testing, acquisition, operational testing, integration, implementation, operation, upgrade, or replacement of all DON IT supporting DON tasks and missions.
- Ensure that all DON IT systems, applications, and databases are registered and maintained in the DoD IT Portfolio Repository (DITPR-DON)/DON Applications and Database Management System (DADMS) (https://www.dadms.navy.mil/) and in any other repositories as appropriate or required in accordance with DON policy.
- Leverage cybersecurity reciprocity of Federal, DoD, and DON IT authorizations to the maximum extent possible.
James E. McPherson
Acting (Secretary of the Navy)
Download the SECNAV Memo