Information Assurance

This regulation provides Information Assurance policy mandates, roles, responsibilities, and procedures forimplementing the Army Information Assurance Program, consistent with today's technological advancements for achieving acceptable levels of security in engineering, implementation, operation, and maintenance for information systems connecting to or crossing any U.S. Army managed network.This regulation applies to the Active Army, the Army National Guard/Army National Guard of the United States, and the U.S. Army Reserve, unless otherwise stated. Also, it applies to all users, information systems, and networks at all information classification levels, program executive officers; direct reporting program managers; strategic, tactical, and non-tactical environments or installations; internal or external organizations, services, tenants, or agencies (for example DoD, sister services, U.S. Army Corps of Engineers (USACE); contractors working on Army information systems pursuant to Army contracts, Army and Air Force Exchange Service (AAFES), morale, welfare, and recreation activities; educational institutions or departments (for example, DOD schools, the U.S. Military Academy at West Point); and Army affiliated or sponsored agencies (for example, Western Hemisphere Institute for Security Cooperation). During mobilization, the proponent may modify chapters and policies contained in this regulation.