Defense Information Systems Agency Defense Information Systems Agency DISA _e0be573e-6abf-4d9d-90be-bc698f7dbb5e We at DISA imagine and envision a world in which information is virtual and on demand with global reach. Information is protected by identitybased capabilities that allow users to connect, be identified, and access needed information in a trusted manner. It is a world in which United States military forces can deploy and connect no matter where they are located, pull information needed for their missions, and be given timely, accurate information on any threats they may face. It is a world with no seams between the sustaining base and the tactical edge so that operational agility is enabled. It is a world in which the United States military can freely exchange information routinely with coalition partners and others responsible for the security and defense of the United States. The technology employed is agile, adaptive, and capabilities-based. And, we imagine and envision a world in which our soldiers, sailors, airmen, and marines are equipped with capabilities and services that are state-of-the-art. _6059f3e5-b9f3-4acf-a503-3c77c4d9e695 04ba154e-82c6-47d3-b006-5c62118edcbe Speed Deliver IT capabilities and services faster _3749cd26-a243-452f-aaa5-763f79a54470 1 We will become the joint acquisition agent of choice for enterprise information technology capabilities and services. We will adopt innovative ideas and processes to deliver capabilities and services that our forces are able to use with agility. We will increase the speed and flexibility of the requirements and acquisition processes used in delivering capabilities and services, and we will tailor oversight and governance to be commensurate with risk. Our goal is to close the gap between the availability of technologies and fielding them for warfighting advantage. DISA will follow the precepts of adopt-before-we-buy and buy-beforewe- create. If another organization has developed or acquired a capability or service that either fits or is close to fitting a need we have, we will adopt it. Where adoption opportunities are not available, we will turn to the private sector and acquire a capability or service that either fits or is close to fitting the need. The final choice is to create or build. We intend to avoid development and turn to others for solutions when we can. Speed of deployment is often more important than a perfect solution. We will pursue the adopt-before-we-buy and buy-before-we-create approach partly as a way of getting the 80-percent solution in the hands of the warfighter quickly. A fundamental element of our strategy is teamwork – teamwork with stakeholders, customers, and vendor partners. We will use a federated development and certification environment (FDCE), the “sandbox,” in which all can participate to foster innovation and collaboration and to introduce new capabilities and services into the GIG. We will ask developers, testers, and users to play in the “sandbox” by exposing candidate capabilities and services to warfighting, intelligence, and business users via the FDCE. We will incentivize vendors to do the same. Some candidates will take off; some will not. Success of the FDCE is dependent in part on the ability to do an early kill of those that do not. In any case, this richly collaborative approach will bring the best and brightest to the forefront and help us to speed the delivery of capabilities and services to warfighters. Innovative Approaches Employ innovative approaches to exploit the flexibility in the acquisition process. _aba7a747-e526-419e-83cd-ecfd02bd1ffb 1.1 f3afd769-f1ab-4ce1-b647-cd46949e3086 43aa33ca-e572-430a-a57d-5f934aa461ab IT Acquisition Change the way the DoD acquires IT to deliver capabilities and services at speeds commensurate with the Internet. _1a4fba2d-9828-4e73-b207-785fe4eadbad 1.2 2a40e24c-3e21-446d-98c2-42894b7a0cba 30ae03c4-cc7d-4c0e-b9dd-3185a309aaec Governance and Oversight Tailor governance and oversight commensurate to the level of risk. _c936d834-979e-42f6-8795-acbc450b4c9c 1.3 ab460c4c-5164-4a3a-8d06-bc37cf9ab7c5 5bc1b5f8-d588-45e8-838f-599604fb1122 Competition Aggressively exploit competition. _0dca99cb-4713-4732-9cb0-3598c5d38cd4 1.4 108b92a7-cb69-42d0-922b-120dcd460415 872432b4-bca8-4e80-aba0-ffc320701958 Performance-Based Approaches Use performance-based approaches such as statements of objectives as a principal acquisition tool in lieu of detailed specifications. _9cc3d908-ebd9-4a1c-a811-d4bb89389138 1.5 89b323e6-ab9a-4ece-8431-151669928ed3 73003666-6bcb-44d6-bf4f-0b86f049ab43 Service Level Agreements Use service level agreements to define performance expectations. _3691449d-19fe-4afd-9916-20a5e7f5db92 1.6 1d26ae58-5e0f-48d9-9983-d7edeaae34c1 0fbb4675-b6c2-4673-a906-822c1b04a081 Pilots, Proofs of Concept, and Experiments Use the FDCE, pilots, proofs of concept, and experiments to determine if candidate capabilities and services are suitable, can scale, and can operate in appropriate security and operational environments. _a6afd155-b008-40bd-9b98-41948c523c00 1.7 3ffb5b88-8c3c-4553-bca0-8cd31eeabaa6 a77efa43-5635-49e9-bce3-c1afb27cdc96 Involvement in Sourcing Decisions Ensure early and continuous involvement of Combatant Commands, Services, and Agencies and other communities of interest in sourcing decisions. _d012be8d-bacb-48ed-acd2-57606292a46a 1.8 41cb7a01-6f7a-48de-bbe5-e82428739a10 273496c4-f0a8-4ab4-90be-f6aeef39330e Bandwidth, Processing, Storage, and Web Services Maximize the use of on-demand delivery of bandwidth, processing, storage, and web services, leveraging commercially available offerings. _fd79a9cb-0788-4952-ae72-ba7d230f760e 1.9 5054fd9e-fa27-40c2-b2d0-6361c4916d2a bb9663c9-1f3b-4e17-8a93-9d716b72b790 Industry Partners Develop innovative relationships with industry partners for strong performance-based solutions, speed, risk balance, and mission assurance. _6389fc6d-72b4-4c90-b9e4-65153b7bf38d 1.10 d7d1aaaf-671e-4d6e-90fd-7809062b53cb 8bcaf082-b7fd-4cb2-a35b-8f738ac99c3c Power to edge Extend enterprise services to the edge _f0175efe-39ac-4726-ae78-4e9936cef597 2 Warfighters must have access to timely, relevant, and accurate information anywhere, anytime. Success depends on the right information being available and usable by commanders at the right time. Therefore, it is no longer sufficient for DoD components to provide segments of the network that are independently developed and managed if these conditions are to be met. DISA will synchronize and integrate efforts with our partners to bring coherence to the network and extend DISA-provided capabilities and services to the edge. This translates into the need for enterprise wide systems engineering, a common strategy and architecture, a single concept of operations for network operations, configuration control, and situational awareness that comprehensively spans the sustaining base to the tactical edge. The Enterprise Information Environment (EIE) provides standards, rules for data accuracy, the framework to place data on the network, and governance of information on the network. As the foundational element of the EIE, Net-Centric Enterprise Services (NCES) supports all mission areas and provides enterprise services to integrate the warfighter, business, and intelligence mission areas. The Department must transform spectrum management, transitioning legacy processes and capabilities to support net-centric operations and warfare. DoD’s spectrum access, when and where needed, is vital to the deployment, employment, and sustainment of a warfighting force anywhere in the world. Technical Procedures and Standards Publish a set of technical procedures and standards to provide an enterprise wide design pattern for service and capability developers to ensure interoperability of independently developed IT capabilities. _aeae5c6d-6b10-4ff7-8ca4-3d35a7ea8fd1 2.1.1 49c1f379-0f7d-42b9-9a4e-ab5f6a6d1deb 4f3a4b58-1400-4ac3-9aa5-3cd521dd2415 SOA Center of Excellence Establish a center of excellence for service oriented architecture (SOA) to lead SOA implementation in DoD. _5bc6bab6-1255-46e8-8587-90195aa8f46d 2.1.2 4969ebf4-f55e-40dd-b148-94f03f00c97d e3dfb6d5-4d3b-4cd7-a090-8236442b37e1 SOA/Web Services Migration Migrate proprietary application interfaces and legacy information technology architectures to a SOA foundation, based on open webservices standards including loosely coupled core enterprise services. _df9cf0a4-4086-45be-b62c-d8287a2ccd4f 2.1.3 0efe1f4d-477c-4151-a192-c6f01deb92d8 b09b6db5-3c3e-4e46-bde4-e12c63052d1c New Capability and Service Metrics Develop criteria with clear metrics for accepting new capabilities and services identified in the FDCE onto the network. _403fcc43-4c77-463c-bc94-4a72fbd0779a 2.1.4 34d2d257-4721-401e-9d00-dfa3d9788096 619f34f8-b7d0-4470-9a0d-5faf4a2491df Directory Service and Interoperability Standards Implement a joint enterprise directory service and produce interoperability standards for enterprise directory data and metadata. _5bd9f4c7-835f-4e3b-939a-b01c6c730f51 2.1.5 947d7185-1d65-401f-a8f7-a4b30d5ef70d 0405bc0d-3893-437b-a239-5fedabf781f2 Naming Conventions, Schemas, Interface Specifications, Tools, and Interoperability and Performance Standards Enable the DoD data strategy by publishing naming conventions, schemas, interface specifications, tools, and interoperability and performance standards. _408f11bd-08c3-49e7-9f0b-a78110c8a1b4 2.1.6 f6ed7d96-8218-4965-b126-372b1fb8aa34 ebd379fb-57da-4ecb-a928-3a4e0f4a8ec7 DoD Data Strategy Ensure that all appropriate DISA internal systems are compliant with the DoD data strategy. _208d0bbe-8a64-4470-9b5f-7909f1586e3c 2.1.7 bc092c07-af5a-475b-854a-74dae40c0983 1e83f4d6-16dd-46b0-b94d-d372819db3f7 Internal Technical Procedures and Standards Publish an extension of the EIE technical procedures and standards for DISA’s internal systems. _50eb96b2-f304-4b87-962f-5275d4d7b131 2.1.8 7be1da4b-016c-4007-9d03-d0a3ebf1552a f8caf087-d109-4195-9e17-e21b0ce5987c SOA Governance Develop the DISA SOA governance approach. _b500bc24-1c79-4e00-99d0-bdcc72e25d84 2.1.9 37872803-6cbb-4c78-a553-71a995e4db72 22f7fa3c-6a29-4984-9301-eea3864c1d5d Situational Awareness Deliver global capabilities and services to extend situational awareness and control of information across the sustaining base to the tactical edge. _611deb07-6d4c-434f-bae3-6637c9e1353c 2.2.1 ed1204a5-f590-48a8-80c1-79fea43bf009 d0419d72-78de-41bf-89e6-b422f06c5609 Information Dissemination Management Establish policies and processes for information dissemination management (IDM) describing where and how data, capabilities, and services will be provisioned, stored, and managed on the network. _37417ac6-b264-481e-8678-759c054feaf1 2.2.2 ac802729-e87d-4a1a-bb4d-04d607afa665 42899c07-60d5-4121-b295-8dbf03efa497 Information Requirements and Content Staging Develop a process to achieve the capability to model information requirements in support of deploying warfighting forces and to execute content staging forward to support them. _695d6a0b-5c9e-48e8-a56b-b277a70a90c2 2.2.3 942b6d59-2541-468c-967a-364b11ee3e9f 751768f3-6648-4025-ae2a-5934130c3fac GIG Oversight Provide continuous oversight of the GIG’s evolution. _edf404b9-b9e4-4e22-a29b-c18016bc0160 2.3.1 6b2ccb2f-321a-4fb5-b98d-65550ac14695 987c2c11-637d-494d-a4b8-1bebdffdf54c Technical Baseline Maintain a GIG enterprise wide technical baseline. _b52787a0-4357-4316-9c05-7debb93a08c0 2.3.2 15f8369d-b056-4370-831f-0977c85b4bff 9db3daa5-02e5-4d5f-aa07-a53a80be7653 Enterprise Analysis Establish enterprise wide analysis capabilities. _6cd47866-4894-4ee0-b6e3-8d5ef049e312 2.3.3 1306e2d3-003a-4a64-bee6-d607e680ddd6 f8cbfe93-562c-4ad2-b365-3f99dda7d178 Compliance Management Establish a GIG compliance management program. _bcfd270a-66ed-4dd6-b6e6-308422fee36d 2.3.4 405344f2-7791-45d6-bcb5-86f9448c87ac ce9ba0a8-0d25-4e60-8509-6e8c12ef38e9 Standards Establish and publish standards. _a5645132-480d-4b98-bd67-ec930c727054 2.3.5 c3dec75d-7401-4e7c-a0aa-62d66a8ce59b 593475fb-2fa7-44dd-bb7b-2ac6fdc79c25 DESMSP and DSMA Update the DoD Electromagnetic Spectrum Management Strategic Plan and develop the Defense Spectrum Management Architecture (DSMA) to guide the Department toward net-centric spectrum management. _3ea2469c-3fa5-4128-85d3-ff0e481e62e8 2.4.1 bdee9af0-9c3c-48bb-adea-b29dce2d9a95 46665a24-4020-4fcd-bc60-467438134390 DSMA and GESIS Develop a roadmap to achieve integration of the DSMA and the Global Electromagnetic Spectrum Information System into planning and execution. _428b522d-1f0a-4e22-8bbf-7db3c70024cb 2.4.2 50a56c11-254e-4cd5-94c9-f3d3fefafb11 aaa738c2-735e-49db-a141-bcd3adf3d154 Dynamic Spectrum Access In coordination with NATO and other bodies, develop strategies to introduce dynamic spectrum access technologies and techniques, nationally and internationally. _b4116f52-2537-48ae-82f4-26c5dc4575c3 2.4.3 beed37e6-9cc1-439f-a6c1-34ab3bb604b8 2f6ddfa9-c471-4a5a-8d13-ed2712b00a96 Technology Investigation and Integration Develop enterprise wide capabilities to consistently investigate and integrate spectrum-efficient technologies into DoD systems. _7ac45ec7-adf1-49c4-b7d7-cbcbdba4375f 2.4.4 b05fc64b-01f0-449c-9710-517a29bf5eef 4278f882-7ac5-4f6e-a834-a981dd41c2ff Management Processes Develop efficient spectrum management processes using advanced technologies and techniques. _fdb0f588-c589-456c-8cdf-529df092364a 2.4.5 9292a0e9-7f02-4fae-b2bc-f5f643f1943f f0721cfb-c7fd-4608-a3ad-d05b507c5926 IP Network and Services Migrate from circuit-based technology to a converged IP network and services environment in accordance with the GIG Convergence Master Plan. _4f9257a8-1dd5-4128-8380-bf79f54f185c 2.5.1 98106888-872f-466a-814e-b54ef5e51a42 da787fe1-5b45-4c00-ad5a-a741c47324a0 QOS and Delivery Assurance Implement quality of service and assured delivery capability for network and real time services and applications, with parameters that ensure proper end-to-end operations. _cbf30ec5-8115-4d2d-b50e-4b3961739c68 2.5.2 d48289ad-629a-4553-a668-e00b0123c0e6 ece14bf3-c6d1-4d62-b89a-501c33e9241e Communications Network Evolve to a single virtual DoD terrestrial and satellite communications network providing capabilities and services from the sustaining base to the tactical edge. _49e90d02-c8e7-4d85-87c1-153f9a1fc87a 2.5.3 c88938eb-b891-4e5b-aa35-8e274ff2c40d f249da92-2290-46f0-9383-bba7665a1b29 SATCOM Services Provide responsive, agile, and cost effective commercial SATCOM services. _bdcff5a2-e367-4077-b309-41b2572c828b 2.5.4 046c79e9-5fa2-4ab9-b737-d34236e5edd3 73264361-f487-4ef9-ad60-43c0e6886106 Wireless Strategy Continue development of the DoD wireless strategy. _29e566df-0ddc-4b77-a88c-0e02f20ac454 2.5.5 a4046303-b885-46c7-a495-674aa5673b3d a81e44ec-b486-4e72-83e6-3baa4037eb7b Virtual Provisioning Establish processes and an online mechanism for customers to directly provision a virtual operating environment on demand within minutes to meet ad hoc, real time warfighter needs. _1fa8b8cd-7e17-4b41-bb2b-62679f81bd5e 2.6.1 e603e3a8-53c2-490d-81ee-72543880c5e4 a1826946-b9a7-4e3d-9ab5-82e51181295f Dynamic Scaling Establish a capability for applications to dynamically scale computing resources up and down on demand to meet traffic loads. _b79dad50-d791-4bc9-bce7-a7af506e138b 2.6.2 ac21acbd-5e96-4335-9bbd-e0c75ce792d0 b0772b85-2839-4954-a88d-2fbaac54b18e Globally Accessible Storage Provide an enterprise level storage capability globally accessible to all DoD applications. _baa62f04-5751-404a-835c-34e8139a74a1 2.6.3 b3145c06-a3b5-41e2-af5c-8faa9bcd3533 c90aa168-01cb-4031-9a2b-7345aa5bd588 GCN Vocabulary and Standards Develop a common vocabulary and performance standards to describe a range of GIG Computing Nodes (GCNs) that can be used tactically. _bfe7d5a0-0a84-4a5a-bf0d-2a338cfd22bf 2.6.4 78d22ad0-f1f4-4e56-aa02-019a0c658f19 b4a9813a-0256-49d3-ba94-158c64601bd1 Operational excellence Accelerate operational effectiveness and efficiency _369f02ff-8ad9-422c-a875-79add291071e 3 The GIG is centrally operated, managed, and controlled in support of net-centric operations and warfare by the Joint Task Force-Global Network Operations (JTF-GNO). DISA is responsible for operating and sustaining the Defense Information Systems Network (DISN), the enterprise computing centers, enterprise services, and command and control capabilities and services. Providing efficient and effective capabilities and services requires excellence in customer relationships and the agility required to adjust to dynamic requirements. We will partner with our customers and evaluate ourselves in terms of their success. We will simplify the business model for cost recovery of all DISA services. We will dramatically increase communication with our user community through improved web and web-services access and services status, and we will provide our customers with a feedback mechanism. DISA’s enterprise computing centers will be dramatically different in the future. Today, they are principally hosting environments for combat support applications in which customers pay for services either through rates or full cost recovery. While this model will continue, DISA’s computing centers will also provide capabilities for rapid, just-in-time scaling of processing and storage to meet unanticipated needs for web services and other warfighting demands. Therefore, the enterprise computing centers must evolve technically and operationally and with business models that support the evolution. We will structure NetOps capabilities to maximize operational effectiveness. We will implement enhancements to facilitate efficient provisioning, management, and cost recovery. NetOps Architecture Continue development of the DoD NetOps architecture that includes standards, policies, and processes. _4dea1252-a868-46c6-8930-634114ec75c9 3.1.1 20cb3a67-9078-4e0d-9d47-18421a58f928 855dd2be-0210-478e-8e5d-9c24d529a0aa Integration of Telecommunications and Computing Service Management Develop NetOps concepts to integrate telecommunications and computing service management to ensure timely access to and efficient use of information needed for mission execution, and optimize the NetOps centers to include continuity of operations to gain efficiencies. _8a4f67ed-c372-439b-b0dd-abb5878e8c25 3.1.2 51647da0-6290-4560-83d9-fea55d7b54f1 35f75d3f-90ba-45d0-98b9-694beec5083e GIG Management Automation Automate the management and control of DISA elements of the GIG using machine-to-machine concepts and technology to reduce human intervention, improve availability and security, and reduce costs. _dac006f0-8ea7-495e-b1ac-062b6d4e9776 3.1.3 e3cf80f9-bdbb-412c-8f26-a48a62d7af65 4623e0e0-711e-477d-b60f-e0dec7e5d4d0 On-Demand Provisioning Processes and Procedures Implement processes and procedures to support provisioning capabilities and services on demand. _464431ad-14ff-41fb-8214-6f573d10e129 3.1.4 9eee9b4b-6723-470d-bf5a-bd68e7a4e17b 1ddbb974-9cd2-49ca-b9f9-72f3ab75e2e5 Operational Standardization Standardize operations of DoD Teleports, Standard Tactical Entry Points, and other SATCOM gateways to ensure optimum management, use, and cost effectiveness. _f879b8cb-10b8-4927-9af3-8f62f5b2b9dd 3.1.5 c1e3d545-474d-448a-b74e-d69febfb837f dffde8fc-b406-4925-8532-3f307b6ac2a0 Gateway Standardization Standardize the operation of gateways between the GIG and the Internet – to include DoD Internet Access Points (IAP) and Demilitarized Zones (DMZs) – which enable protected and controlled access between the DoD and its partners. _4cf96238-7e2d-4e47-86e6-8d2537bff40a 3.1.6 8e9bc22b-12c0-4265-9f22-22d0abfce72b ffccd4de-b156-46ed-bfae-e6c25489cfc7 Service Level Management Establish the definitions, standards, and processes for service level management of DISA-provided capabilities and services. _ff91c850-5372-4a56-803e-7c08a1a2f613 3.1.7 750e4ad3-9e79-406f-b577-80cfdc18dbb7 5cce1122-98c0-490b-a6f9-229521e2f50c NetOps Criteria Develop criteria for DoD NetOps which address education, training, and certification of the workforce. _13a9d62f-4767-438e-9362-f3165e3784f0 3.1.8 e67f0fca-61ab-4b30-a5e0-a2f1c66dac9b 35c34f45-7932-442d-83c5-3f84b0f9372b MSPP and MPLS Transition from Asynchronous Transfer Mode (ATM) based services to Multi-service Provisioning Platform (MSPP) for physical circuits and Multi-Protocol Label Switching (MPLS) for the virtual circuit equivalent. _290879b9-5c83-447a-aed8-dcf89e2a87fc 3.2.1 b5647b8a-10b3-4e9d-afcb-fe48c855137d ed1e1505-992d-4978-880f-fd326ec62d00 Refreshment and Expansion Ensure the DISN is appropriately refreshed and expanded to provide improved security and to meet capacity demands. _b0ff3a1f-7ae4-47c4-8357-7f940b80983b 3.2.2 eb8e8681-b24f-4283-9a2a-6f975d45968e 8e2a638e-cc66-4c03-9787-0295789d7762 Virtual or Grid Computing Move toward the concept of virtual or grid computing in which applications will utilize available computing capacity irrespective of geographic location. _bd4c9885-4047-40a0-b859-38849e885ed8 3.3.1 7fc0f30b-b37d-4246-bcfa-0e51fb68e34d fa944326-abf2-49a1-9c49-1937fde885c9 Storage Provisioning and Management Expand to provisioning and management of enterprise level storage capability ensuring data accuracy, integrity, and assurance. _a00c6a96-4b56-432d-abae-6a24bb2ce847 3.3.2 76212898-b83a-4a44-918d-433147475961 168caf20-26c2-410f-8899-7cfc53ed7e4e Sharing and defending information Enable sharing of information while staunchly protecting it _f9391e2a-4d7b-4169-82ce-1bff4029771e 4 A warfighter’s ability to leverage the right information at the right time is the difference between mission success and mission failure. We will provide state-of-the-art capabilities and services that enable sharing of information through an assured, accessible net-centric environment. These capabilities and services will enhance planning and execution of joint military and coalition operations in a responsive, agile, and cost effective manner. We will enable transition from a culture of need-toknow to one of need-to-share, while ensuring that the Department can still keep a secret when necessary. New sharing relationships will be built virtually and instantly. We will aggressively develop and implement measures to manage and defend the GIG to ensure warfighting forces, including partners and allies, can deploy and connect globally, and share timely, trusted, and accurate information needed for their missions. We will design, implement, operate, and sustain the GIG for maximum mission assurance in the face of kinetic or cyber attack. We will propose policy and implement instructions for security certification and accreditation supporting the fast paced, often ad hoc, on demand nature of net-centric operations and warfare. We must be able to add capabilities and services to the network at Internet speed. Net-Centric Collaborative Information Environment Deliver the Department’s C2, combat service support, business, and intelligence capabilities using a net-centric, collaborative information environment. _78769641-8fb5-456b-869d-a1747d5007a8 4.1.1 c5e103c3-12d5-4f2b-93e7-b7a0cdf980f4 ffe75609-5376-4aaa-85f5-1b8bc9467882 Technical Procedures and Standards Publish an extension of the EIE set of technical procedures and standards for the C2 and combat service support, business, and intelligence communities. _fa4b646e-97a2-456b-95a7-299c0f625ffe 4.1.2 e8bf9833-6476-4386-a1c6-e56276144c49 3728947f-8722-4dd0-b38b-dd3331effaeb Standard Information Sharing Capabilities Provide standard coalition information sharing capabilities by combining the CENTRIXS, Griffin, and REL DMZ efforts and integrating them whenever possible with C2 and combat service support capabilities. _a884343c-cbd6-4a1b-992c-4c8c79bf0453 4.1.3 d9204fb3-4710-46f3-a48e-50406dcfe2e3 4df9d493-3ac8-4793-ae32-038b1daf0a4a Cyber IDs Deploy cyber identity credentials throughout the GIG for safer and broader sharing. _da3c8cfc-bdc6-4518-9439-b79e45f82ffb 4.1.4 9f7107cd-fa31-43c3-b540-65426db71c59 f8128bfb-79f6-4f90-9d26-3836370eaa01 PKI Assessment Continually assess the Public Key Infrastructure architecture for effectiveness. _9e9396a0-55fd-404e-a3a8-ac75047df4c3 4.1.5 dc283650-27ba-44f7-92fd-cfe591456ef0 70e30f5e-8e0f-489a-9c32-5cf53c22303f NIPRNet and SIPRNet Redesign the NIPRNet and SIPRNet, including certain shared components (e.g., the domain name system), to dramatically enhance security and improve sharing. _606c2b39-bf82-4259-b3cc-352bcdacacbd 4.2.1 77e71812-b555-405f-bdaf-4648f32ada60 120a3309-a099-49f1-a1e4-ebf8c11d0542 Gateways Develop and operate strengthened gateways between DoD and the Internet and between DoD, other United States networks, and coalition networks. _f29af586-735f-420b-9aa5-628ee5dabb29 4.2.2 7c57bb09-4abb-429b-9823-1b4f0b18078d d1d3079b-6986-4a97-aed5-d0ff8eb39707 Publicly Visible and Partner-Facing Applications and Services With the Services and Agencies, plan and execute the movement of all publicly visible and partner-facing applications and services into DMZs to improve sharing and security. _4699a354-3bcd-47b8-9a25-af6bb1ce0607 4.2.3 51e6791c-9c45-4e59-b6de-4b5f2e17bba3 6b171169-bb24-41de-8fe8-a155fcda8187 Security Configuration In coordination with other federal agencies and industry, provide security configuration guides, checklists, gold disks, and other standards to properly configure and manage applications, devices, and enclaves. _9920540e-f1a3-4908-bcaf-33c8151fe0b7 4.2.4 c51e1f16-30b5-46fb-a71d-9681663b99dd 07ef5f6a-6ec6-456c-b166-ab33e178342b Defense, Attack Sensing, and Situational Awareness Tools and Capabilities Plan for, acquire, and deploy enterprise wide tools and capabilities that improve defense, attack sensing and reaction, and situational awareness. _05e3743c-10a9-421e-9c00-550f95e16ee7 4.2.5 80a4ff20-60a6-4ce5-81a3-fcd972894722 4051d997-08d6-4e8a-9060-1256e61ca5e6 Design Evaluation and Testing Develop and use a standard IA design evaluation and testing process for capabilities and services as part of the FDCE process. _16ef2156-b935-4f0b-9331-757bc9aa5f2a 4.3.1 b2ead341-5e23-4a09-b615-1464c96fd5f5 b8bfb5cb-9698-4c92-9c51-c08fddba6c91 C&A Develop policies and procedures for certification of organizations trusted and empowered to provide DoD certification and accreditation (C&A) of capabilities and services to be placed on the network. _c3d1826e-323b-4892-9788-77305b5bf38c 4.3.2 d65741e9-ded5-4314-a108-a8ff38905fb3 fae00f00-7d1a-4ceb-8c5a-d5a28b549723 Standards Compliance Develop and implement processes and procedures to ensure each capability and service placed on the network meets DoD data sharing, reliability, performance, and security standards. _30410cf6-9cf9-4327-9347-ff706fd8e7e4 4.3.3 2d318078-b1d3-4d33-8ea0-dc4837664926 cfee996b-c3ae-4b42-9ec4-e93db8a8812f Intrusions and Attacks Develop and implement a DoD-wide intrusion and attack detection and diagnosis plan across all aspects of the delivery of capabilities and services. _831edd25-1d16-41ca-8572-c769b3e53711 4.4.1 0f2a5501-1619-4650-ab2d-c69e52c285c6 20518908-e9c7-4baf-82a0-3585a3761cdc Insider Threat Develop a DoD-wide strategy for, and deterrence of, the insider threat. _43323d76-7af4-446b-8453-892742d4c534 4.4.2 43d32c44-a422-4328-a5fb-1592f6accc2e 7fafb358-e0ed-44b5-a8c6-de25be16be7f Best value Customers know and understand the value of DISA capabilities and services _747ad3fc-21ec-4f0e-9983-64e6888f2341 5 We will excel in our stewardship of taxpayer dollars through integrity, full and open financial disclosure, fiscal discipline, and professional competency. Success in these areas will lead to well-informed and accelerated investment decisions throughout DISA. We will attain a clean audit opinion. Full financial disclosure is a cornerstone for attaining the highest standards of performance. With underlying comprehensive fiscal oversight, we are committed to lead and excel in the mutually supportive areas of cost visibility (open books), financial accountability, and fiscal discipline. We will clearly link DISA-provided capabilities and services with their costs. This will allow customers and stakeholders to clearly see full value from every dollar in DISA-provided capabilities and services. Budgets Develop budgets that are compelling, defensible, consistent, and clearly aligned to support DoD priorities. _45d7aa4a-2f43-431d-9d63-2715856dcb84 5.1.1 c83fd55d-ace4-44f4-8311-4425ae3fb2d9 6d6c97c4-fa0e-4646-8dda-6c78eff18e78 Investment Plan Develop a metrics-based investment plan for use in the programming and budget processes that will allow practical evolution of capabilities and services over time. _ba28d1a4-3f86-4768-a6cd-320dd7b0bc53 5.1.2 9e20147c-d446-4d85-9370-2fd0967be7bb dcd7bf12-4f30-46e6-8fa7-78864f40614f Performance Metrics and Forecasts Improve metrics that forecast areas of potential weakness and track actual performance across the breadth of financial activities. _62fd1a1a-3d77-4f4f-a075-c98fdcc1db62 5.1.3 44179c46-4fe9-4d9c-9743-67cd7838e253 5d784180-65b9-462c-a184-8a27c8c4d3d9 Simplification Provide a simplified approach for customers to conduct financial business and share information with DISA. _972328f0-7284-4d1d-929f-4c8b18bba832 5.1.4 3f364eb7-f38a-42a1-9c5e-b1a7c8a19d57 7ea30e5f-8ead-4e0e-911d-1005e9584779 Financial Accounting Collaborate with OSD, the Defense Finance and Accounting Service, and others to implement a new financial accounting system and improved policies and processes. _8cf18c2e-db21-4e16-91c1-fce95596f0bb 5.2.1 3cc87725-d056-47b5-825c-cb9c97401470 865a1991-73d2-4110-b81f-6b30281a52ca Transparency Ensure our internal processes are transparent so customers and stakeholders will understand our costs. _519a40eb-e387-4f1f-bdda-a038c1c6750a 5.2.2 2a934400-65c1-4344-be28-2062deea8e3a ca4b8a88-77f7-4c3a-9a75-284f4827f8bf Cost Recovery Propose and explain cost recovery for DISA-provided capabilities and services such that our customers understand and accept their bills. _4f6ad6e6-4d08-4743-98c3-a805243ac100 5.2.3 2aad2cdb-2221-4642-a6b4-869e7f8ba19d 76417d7d-9be2-4a19-90e9-18c0a59a1ad5 Service Metrics Develop and track service metrics jointly with customers that reflect what is needed for their mission accomplishment. _93f3e973-fb08-490b-96b4-9dbb2daf0573 5.2.4 2f4f51e1-9e67-4f08-b7e2-f01723d224e0 b6311458-e104-4915-845c-16d4dbf7c759 Investment-Based Metrics Establish investment-based metrics that track use and cost of bandwidth, processing, and storage. _1e5e85c2-d09f-4e61-bee5-8b2a7b3a2307 5.3.1 8513f037-fdec-484b-afca-72fbdac70301 3b052513-0f81-44e7-9aeb-2053a8484569 Costing Mechanisms Use clear and understandable costing mechanisms to establish fair and reasonable costs to customers, estimate costs effectively, deliver internal support services efficiently, and make informed resource allocation decisions. _0108d479-5d86-4646-8a77-b96e825d2489 5.3.2 59ab8f32-9cfb-4550-896f-f8494d08b161 cb466162-567b-4159-9be8-5af690628236 Cost Drivers Define and measure cost drivers and manage those drivers to favorably affect the cost and content of our capabilities and services. _a5836dee-4648-4a1f-842e-665f80c933bc 5.3.3 1bfa6ff5-5314-498f-a5e3-2ffdd0cce025 82726934-25c1-4de3-9b81-2c84d39118e6 Cost-Based Policies, Procedures, and Practices Implement policies, procedures, and practices to ensure we are costbased. _4c7cf9ae-a359-40ec-ab1b-fa911abb2cce 5.3.4 9fb51057-8163-4b0e-be68-e7e8f6e19bff 0872ca13-4aa1-468d-96d4-24cfbb42fbdc 2010-02-08 http://www.disa.mil/strategy/strategy_book.pdf Arthur Colman (www.drybridge.com) colman@drybridge.com Submit error.