Department of Defense Information Assurance Policy Chart (DoD IA Policy Chart) is a chart developed by Information Assurance Technolgy Analysis Center (IATAC) [1] for the US Defense-wide Information Assurance Program (DIAP) behalf of the Deputy Assistant Secretary of Defense (DASD) for Cyber Identity and Information Assurance (CIIA) that pulls together all of the IA policies into a single document. That chart appears below. It was inspired by the creation of a similar Acquisition Security Policy Chart by the Office of the Under Secretary of Defense for Acquisition, Technology & Logistics. The goal of the IA Policy Chart is to capture the tremendous breadth of applicable policies, some of which many IA practitioners may not even be aware, in a helpful organizational scheme. The use of color, hatching, fonts and hyperlinks are all designed to provide additional assistance to IA professionals navigating their way through policy issues in order to build, operate and secure the Global Information Grid.
Navigating around the IA Policy Chart: Essentially, the Chart is designed around the four CIIA goals [1) Operate 2) Enable 3) Anticipate and 4) Prepare]:
1) Organize for unity of purpose and speed of action (shortened to "Organize" in the chart). 2) Enable secure mission driven access to information and services (shortened to "Enable" in the chart). 3) Anticipate and prevent successful attacks on data and networks (shortened to "Anticipate" in the chart). 4) Prepare for and operate through cyber degradation or attack (shortened to "Prepare" in the chart). These four goal areas are subdivided into activities supporting each goal.
On the left hand side of the chart is a legend that identifies the originator of each policy by a color-coding scheme. On the right hand side of the IA Policy Chart, there are boxes, which cover the legal authority for the policies, the federal/national level of IA policies, as well as operational level documents that provide details on securing the GIG and its assets. Links to these documents can be found in the Chart.