Office of the Director, Defense Research & Engineering

Systems Engineering
Last Updated: June 2009 ACQUISITION SYSTEM
Send questions/suggestions to atl-sse@osd.mil DODI 5000.02 DODI 5200.39 DOD 5200.1-M
DODD 5000.01
D,DR&E/SE Website: http://www.acq.osd.mil/sse/ Operation of the Defense Acquisition Critical Program Information Protection Acquisition Systems Protection
The Defense Acquisition System System within DOD Program
(2007, pp. 10) (2008, pp. 80) (2008, pp. 20) (1994, pp.66)

Color Key - OPRs PROGRAMS COUNTERMEASURES

ASD(ES)
Non-Lethal Weapons Nuclear Personnel Security Industrial Security Operations Security Physical Security Information Security
ASD(HD)
ASD(ISA) DODD 5230.16 DODD 5220.22-M DODD 5205.02 DODI 5200.01
DODD 3000.3 DODD 5200.2 DODD 5220.22 DOD 5200.08-R DOD 5200.1-R
ASD(NII)/DOD CIO Nuclear Accident and Incident Public National Industrial Security Program DOD Operations Security (OPSEC) DOD Information Security Program and
Policy for Non-Lethal Weapons Affairs (PA) Guidance DOD Personnel Security Program National Industrial Security Program Operating Manual (NISPOM) Program Physical Security Program Protection of SCI Information Security Program
ASD(SO/LIC) (2003, pp. 6) (1999, pp. 6) (2006, pp. 5) (2007, pp. 26) (1997, pp. 179)
(2003, pp. 26) (2006, pp. 140) (2006, pp. 8) (2008, pp. 13)
ATSD(AE)
ATSD(LA) DODD 4540.5 DOD 5200.2-R DODI C-5220.29 DOD 5205.02-M DODI 5200.08 DOD 5200.1-PH DOD 5200.1-H
DODD 5220.22-R
Logistic Transportation of Nuclear Implementation of NATO Industrial Industrial Security Regulation DOD Operations Security (OPSEC) Security of DOD Installations and DOD Guide to Marking Classified DOD Handbook for Writing Security
ATSD(NCB) Weapons Personnel Security Program Security Procedures Program Manual Resources Documents Classification Guidance
ATSD(PA) Chem/Bio Weapons (2003, pp. 7) (1987, pp. 186) (1982, CONFIDENTIAL)
(1985, pp. 326)
(2008, pp. 38) (2005, pp. 5) (1997, pp. 36) (1999, pp. 54)
Common Criteria
DODD 5160.05E DODD O-5210.41 DOD 5210.48-R DOD 5160.54-R DOD 5220.22-C DODD 2000.12 DOD 5200.1-PH-1 DODD 5210.83
CNSS/NTISS Roles/Responsibilities Associated w/ Security Policy for Protecting Nuclear Industrial Facilities Protection Carrier Supplement to NISPOM for Classified Information, NDA, and DOD Unclassified Controlled Nuclear
Chem. and Bio. Defense Program Weapons Polygraph Program Regulations Safeguarding Classified Information DOD Antiterrorism (AT) Program Verbal Attestation Briefing Pamphlet Information (DOD UCNI)
DA&M Critical Infrastructure (2007, pp. 39)
(2008, pp. 10) (2004, FOUO) (1985, pp. 35) (1977, NO COPY AVAILABLE) (1986, pp. 25) (2000, pp. 58) (2003, pp. 20)
DDR&E
Dept. of Commerce DODD 5210.88 DODD 5220.6 DODD 3020.40 DODD 5210.50
Safeguarding Biological Select Agents DOD S-5210.41-M Defense Critical Infrastructure Program DOD O-2000.12-H DOD O-5200.1-I Unauthorized Disclosure of Classified
Dept. of State Nuclear Weapon Security Manual (U) Defense Industrial Personnel Security Clearance Review Program DOD Antiterrorism Handbook Index of Security Classification Guides
and Toxins (BSAT) (2004, SECRET) (DCIP) (2004, FOUO) (1996, FOUO) Information to the Public
DIA (2006, pp. 8) (1999, pp. 50) (2005, pp. 14) (2005, pp. 8)
GC
NIST DODI 5210.89 DODI 5210.42 DODD 5000.60 DODI 3020.45 DODI 3224.03 DODI 5210.67 DOD 5230.25-PH
Minimum Security Standards for Defense Industrial Capabilities Defense Critical Infrastructure Program Special Nuclear Material Information, Control of Unclassified Technical Data
NSA Safeguarding BSAT Nuclear Weapons Personnel Reliability Program (PRP) Assessments Management Physical Security Equipment RDT&E Security Classification Guidance with Military or Space Application
(2006, pp. 6) (2007, pp. 11)
USD(AT&L) (2006, pp. 28) (2003, pp. 6) (2008, pp. 26) (1982, pp. 4) (1985, pp. 21)
USD(I) DOD 5000.60-H DODD 5210.2 DODD 5230.25
DOD 5210.42-R
USD(P) Assessing Defense Industrial Access to and Dissemination of Withholding of Unclassified Technical
Nuclear Weapons Personnel Reliability Program (PRP) Regulation Capabilities Restricted Data Data from Public Disclosure
USD(P&R) LO/CLO (2006, pp. 47) (1996, pp. 57) (1994, pp. 21) (1995, pp. 21)

DODI S-5230.28 DODI 5030.55 DODD 3200.12 DODI O-5210.85

Low Observable (LO)/Counter-Low DOD Procedures for Joint DoD-DoE DOD Scientific and Technical Umbrella Security Classification Guide
Observable (CLO) Programs (U) Nuclear Weapons Life-Cycle Activities Information (STI) Program (STIP) for High Technology Information
(2005, SECRET) (2001, pp. 47) Foreign Disclosure (1998, pp. 5) (1997, FOUO)

DODD 3150.3 DODD 5230.11 DODI 5230.18 DODI 3200.14 DODI 5230.27
Nuclear Force Security and DODD 5530.3 Export Administration Regulations International Traffic in Arms Disclosure of Classified Military DOD Foreign Disclosure and Technical Principles and Operational Parameters Presentation of DOD-Related Scientific
International Agreements Regulations
Special Access Programs Survivability (S2) (2003, pp. 34) (2004-2008, Many Sections) (2008, pp.117) Information to Foreign Governments Information System (FORDTIS) of the DOD STIP and Technical Papers at Meetings
(2004, pp. 13) (1992, pp. 27) (1984, pp. 16) (2001, pp. 53) (1987, pp. 10)

DODD 5205.07 DODD 5030.14 MTCR DODD 4500.54 DODD 5230.20 DOD 5230.18-M DODD 5230.24 DOD 5210.12-M
Disclosure of Atomic Information to Foreign Governments and Regional Defense Equipment, Software and Technology Visits and Assignments of Foreign Distribution Statements on Technical Procedures for the Acquisition and
Special Access Program (SAP) Policy Organizations Annex Official Temporary Duty Abroad Nationals FORDTIS User Manual Documents Management of Technical Data
(2008, pp. 10) (2003, pp. 6) (1985, pp. 49)
(2004, pp. 8) (2008, pp. 72) (2005, pp. 12) (1987, pp. 15) (1993, pp. 78)

DODD O-5205.11 DODI 5230.29 DODD 5400.07

Management, Administration, Security and Policy Review of DOD DOD Freedom of Information Act
Oversight of DOD SAPs Electronic/Command & Control Warfare Information for Public Release (FOIA) Program
(1997, FOUO) COMSEC International Cooperation (2009, pp. 9) (2008, pp. 5)

DODD S-5210.81 DODD 3222.4 DODI 8523.01 DODD 2010.6 DODI 2015.4 DOD 5400.7-R DODD 5400.11
EW and Command and Control Materiel Interoperability with Allies and RDT&E Information Exchange
US Nuclear Weapons Command and Control, Safety, and Security (U) Warfare (C2W) Countermeasures Communications Security (COMSEC) Coalition Partners Program Freedom of Information Act Program DOD Privacy Program
(2005, SECRET) (1994, pp. 8) (2008, pp. 8) (2004, pp. 8) (2002, pp. 10) (2006, pp. 102) (2007, pp. 13)

DODD 2060.1 DODD 5230.09

DODI S-5200.16 Implementation of, and Compliance DOD 5000.3-M-2 Clearance of DOD Information for DODD 5400.11-R
Objectives and Minimum Standards for COMSEC Measures used in Nuclear Command and Control (NC2) Communications (U) Foreign Comparative Testing Program DOD Privacy Program
(2007, SECRET) with, Arms Control Agreements (1994, pp. 35) Public Release (2007, pp. 110)
(2003, pp. 9) (2008, pp. 6)

NACSI-6002 DODD 5535.3 DODI 5535.8 DODD 5400.04 DODD 5405.2

Protection of Government Contractor DOD Domestic Technology Transfer DOD Technology Transfer (T2) Release of Official Information in
Telecommunications (T2) Program Program Provision of Information to Congress Litigation and Testimony...
Information Technology Information Assurance (1984, pp. 9) (1999, pp. 7) (1999, pp. 22) (2009, pp. 15) (2003, pp. 7)

DODD 4630.05 DODI 8410.01 DODI 8560.01 CNSSP-18 CNSSI-1001

Interoperability and Supportability of IT Internet Domain Name Use and DODD 8500.01E DODD C-3325.01E DODD 2040.3 National Policy on Classified National Instruction on Classified
Information Assurance (IA) COMSEC Monitoring and Information Assurance Readiness Testing Foreign Materiel Program (FMP) (U) End Use Certificates (EUCS)
and National Security Systems (NSS) Approval (2007, pp. 22) (2006, CONFIDENTIAL) (1991, pp. 5) Information Spillage Information Spillage
(2007, pp. 18) (2008, pp. 17) (2007, pp. 10) (2006, pp. 6) (2008, pp. 9)

DODI 4630.8 DODD 8320.03 DODI 8580.1 DODD C-5100.19 DODI 2040.02 DOD 5105.65-M DOD 5105.21-M-1 DOD 1000.25
Procedures for Interoperability and Information Assurance (IA) in the Critical Information Communications International Transfers of FMS Case Reconciliation and Closure DOD SCI Administrative Security DOD Personnel Identity Protection
Supportability of IT and NSS Unique Identification (UID) Standards for a Net-Centric DOD Defense Acquisition System (CRITICOMM) System (U) Technologies, Articles, and Services Manual (RCM) Manual (PIP) Program
(2004, pp. 85) (2007, pp. 8) (2004, pp. 11) (2008, CONFIDENTIAL) (2008, pp. 19) (2004, pp. 273) (1998, LIMITED) (2007, pp. 9)

DODD 8000.01 DODI 8510.01 DODD O-3600.3 DOD 5105.38-M DODI 5132.13
Management of the DOD Information DODI 8552.01 DOD IA Certification and Accreditation Technical Assurance Std. for Computer Security Assistance Management Staffing of SCOs and Selection/
Use of Mobile Code Technologies in DOD Information Systems
Enterprise (2006, pp. 19) Process (DIACAP) Network Attack (CNA) Capabilities Manual (SAMM) Training of Sec. Coop. Personnel
(2009, pp. 11) (2007, pp. 53) (2005, FOUO) (2003, pp. 726) (2009, pp. 16)

DODD 8320.02 DODD O-8530.1 NSTISSI-1000 CNSSP-1 DODD 5132.3 DODI 5205.10
Data-Sharing in a Net-Centric National Information Assurance C&A National Policy for Safeguarding and DOD Policies and Responsibilities DOD Treaty Inspection Readiness
Department of Defense Computer Network Defense (CND) Process (NIACAP) Control of COMSEC Material Relating to Security Assistance Program
(2007, pp. 9) (2001, FOUO) (2000, pp. 39) (2004, pp. 4) (1994, pp. 10) (2009, pp. 6)

CNSSP-6 CNSSP-3 ABOUT THIS CHART

DODD 8115.01 DODI O-8530.2 National Policy for C&A of National National Policy for Granting Access to
IT Portfolio Management Support to Computer Network Defense (CND)
Security Telecom and Info Systems Classified Cryptographic Information
This chart organizes acquisition security policies
(2005, pp. 9) (2001, FOUO)
(2005, pp. 5) (2007, pp. 12) Transportation Mgmt Emanations Security and guidance by purpose and Office of Primary
DODI 8115.02 DOD O-8530.1-M NTISSP-11 FIPS 140-2 DODD 4500.09E DODD C-5200.19 Responsibility (see Color Key). It is intended to
IT Portfolio Management National Information Assurance Security Requirements for Transportation and Traffic Control of Compromising Emanations
Implementation CND Service Provider Certification and Accreditation Program Acquisition Policy Cryptographic Modules Management (U) show all policies an acquisition program may need
(2006, pp. 36) (2003, FOUO) (2003, pp. 6) (2002, pp. 69) (2007, pp. 10) (1995, CONFIDENTIAL)
to comply with and direct them to the full text.
DODD 8570.01 CNSSP-14 FIPS 199
IA Training, Certification, and National Policy Governing the Release Standards for Security Categorization
Space Workforce Management of IA Products/Services... of Federal Info. and Info. Systems
Supplier Assurance Policies that cross categories apply to both
(2007, pp. 10) (2002, pp. 7) (2004, pp.13)
Common Criteria Trusted Foundry categories. No meaning is intended by the
CNSSP-15 FIPS 200 AT&L Memo
DODD 3100.10 DODD 8581.1
National Policy on the Use of AES to Minimum Security Requirements for
Common Criteria Certified Products
Interim Guidance on Trusted Suppliers organization of the categories.
Space Policy IA Policy for Space Systems Used by the DOD (certified by U.S. only)
Protect National Security Systems... Federal Information Systems for ASICs
(1999, pp. 20) (2005, pp. 22) (2003, pp. 3) (2006, pp.17) 2009, Webpage (2004, NO COPY AVAILABLE)
In the electronic version available on the DDR&E/
CNSSP-12 CNSSP-17 SP 800-53
National Information Assurance Policy Recommended Security Controls for Common Criteria Certified Products List of Accredited Suppliers of Trusted SE website (http://www.acq.osd.mil/sse/), each
National IA Policy for Space Systems Used to Support National Security Missions (certified by all CC participants) ICs
on Wireless Capabilities Federal Information Systems
(2007, pp. 10) (2005, pp. 8) (2007, pp. 188)
2009, Webpage 2008, pp.1 policy is hyperlinked to its full text online. To use
CNSSP-21 CNSSP-19 DODD 4140.1 DOD 4140.1-R
the hyperlink, simply click on the policy.
National Information Assurance Policy National Policy Governing the Use of Supply Chain Materiel Management Supply Chain Materiel Management
on EA for National Security Systems HAIPE Products Policy Regulation
(2007, pp. 8) (2007, pp. 8) Anti-Tamper (1993/2004, pp. 5) (2003, pp. 308) For printing, the print version is best viewed on
DODI 8500.2 DODI 5200.39 - Duplicate
22"x17" (Size C) paper.
Information Assurance Implementation Critical Program Information Protection within DOD
(2003, pp. 102) (2008, pp. 20)