DoD Digital Modernization Strategy: DoD Information Resource Management Strategic Plan FY19-23The DoD Digital Modernization Strategy, which also serves as the Department’s Information Resource Management (IRM) Strategic Plan, presents Information Technology (IT)-related modernization goals and objectives that provide essential support for the three lines of effort in the National Defense Strategy (NDS), and the supporting National Defense Business Operations Plan (NDBOP). It presents the DoD Chief Information Officer’s (DoD CIO) vision for achieving the Department’s goals and creating “a more secure, coordinated, seamless, transparent, and cost-effective IT architecture that transforms data into actionable information and ensures dependable mission execution in the face of a persistent cyber threat.”1 This vision is guided by four priorities and framed within four organizing goals. DoD CIO Priorities: • Cybersecurity • Artificial Intelligence (AI) • Cloud • Command, Control and Communications (C3) Digital Modernization Goals: • Innovate for Competitive Advantage • Optimize for Efficiencies and Improved Capability • Evolve Cybersecurity for an Agile and Resilient Defense Posture • Cultivate Talent for a Ready Digital WorkforceThis strategy also fulfills the Office of Management and Budget (OMB) requirement to provide a description of how information resources management activities help accomplish agency missions, and ensure that information resource management decisions are integrated with organizational planning, budget, procurement, financial management, human resources management, and program decisions.2 It includes narratives that summarize the Department’s approach to IT modernization, focused on the Joint Information Environment (JIE) Framework (in Section 3), and describe how Cybersecurity is being strengthened (Section 4). These efforts support achievement of the DoD CIO’s modernization vision, and the goals and objectives identified in this strategy. Finally, appendices provide a brief description of promising technologies; tables showing alignment to the NDBOP, the President’s Management Agenda, and DoD IT Reform Initiatives, respectively; and a summary of DoD CIO authorities.DoD Chief Information OfficerDODCIO_1c8fd56c-ae8c-11e9-b5e7-fc4ee6bfe94dRole of the DoD CIO -- The DoD CIO is the Principal Staff Assistant (PSA) and senior advisor to the Secretary of Defense for information technology (IT) (including national security systems), information resources management (IRM) and efficiencies. The DoD CIO is responsible for all matters relating to the DoD Information Enterprise, including communications; spectrum management; network policy and standards; information systems; cybersecurity; positioning, navigation, and timing (PNT) policy; and the DoD Information Enterprise that supports DoD command and control (C2). The DoD CIO is tasked with improving the combat power of the Department - as well as its security and efficiency - by ensuring that the Department treats information as a strategic asset and that innovative information capabilities are available throughout all areas of DoD supporting warfighting, business, and intelligence missions. The DoD CIO is a vital member of the Office of the Secretary of Defense (OSD) staff that helps the Warfighter by fulfilling its PSA and Clinger-Cohen Act (CCA) roles that guide the Department in the incorporation of more agile, efficient and effective technology and practices. The DoD CIO works closely with other DoD and OSD Components in fulfillment of its responsibilities. As appropriate, the DoD CIO collaborates and coordinates with organizations including (but not limited to) the Chief Management Officer (CMO), the Office of the Under Secretary of Defense for Policy (OUSD(P)), the Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)), the Office of the Under Secretary of Defense for Research and Engineering (OUSD(R&E)), the Office of the Under Secretary of Defense for Intelligence (OUSD(I)), the Military Departments (MILDEPS), Joint Staff, and the Combatant Commands.David L. NorquistPerforming the Duties of the Deputy Secretary of DefenseAccelerated transition to foundational enterprise capabilities and services_1c8fd71a-ae8c-11e9-b5e7-fc4ee6bfe94dTo enable Department-wide IT modernization_1c8fd80a-ae8c-11e9-b5e7-fc4ee6bfe94dModernizationDoD CIO Management System -- This management system will enable continual, comprehensive Department-wide IT modernization in a common, coordinated way. Furthermore, it will accelerate transition to foundational enterprise capabilities and services, freeing DoD Components to focus on their mission-unique capabilities and services, as shown in Figure 4 below. Combined with policy and governance changes, it will shift the Department from an "opt-in" approach to enterprise services. Leveraging commonalities among DoD Component, the many overlapping and duplicative IT systems, programs, projects, services, capabilities, operations, and governance constructs in the Department will be more effectively synchronized, consolidated, and integrated. Benefits of this shift will include:SpeedIncreased speed and reduced duplication of effort – increasing IT return on investment (ROI)Non-DuplicationROIStandardizationConsistent, standardized enterprise IT architectures – supporting faster fielding of new capabilities, interoperability, usability, and improved cybersecurity risk exposureTransparencyIncreased budget transparency for DoD IT expendituresConvergenceConvergence of Component network infrastructure - reducing complexity and costEfficiencyEliminates fielding of unnecessary capabilities and services - reducing program overheadCost EffectivenessEnterprise acquisition/licensing discounts - reducing infrastructure and application licensesAgilityThe future DoD digital environment will provide seamless, agile, resilient, transparent and secure infrastructure and services that advance DoD information superiority and simplify information sharing with mission partners.ResilienceSimplicityInnovationIn accomplishing this, the future environment will leverage a number of innovative technologies, described in Section 3 and Appendix A, that promise to provide increased effectiveness, efficiency, and security. SecurityInnovationInnovate for Competitive Advantage_1c8fd8c8-ae8c-11e9-b5e7-fc4ee6bfe94d1Joint Artificial Intelligence Center (JAIC)Cloud and cognitive computing will significantly alter warfighting and defense business operations. Recognizing this, the Department established the Joint Artificial Intelligence Center (JAIC) to accelerate delivery of AI-enabled capabilities and is partnering with industry to securely deliver commercial cloud capabilities in alignment with mission requirements.DoD Information Network (DODIN)Modernization of warfighter support systems will enable improved command and control (C2), information sharing, and decision support, through a rich and diverse set of analytic capabilities fueled by data from sensors across the DoD Information Network (DODIN).Defense Information Systems Network (DISN)Modernization of the Defense Information Systems Network (DISN), a key component of the DODIN, will provide critical enhancements necessary to fully realize the benefits from cloud computing, big data analytics, mobility, Internet of Things (IoT), increased automation and cognitive computing.4Joint ForceIncreased availability and use of secure, mobile, wireless platforms across the Department will increase Joint Force maneuver, accuracy, and information advantage.Healthcare FunctionsAdditionally, DoD will improve the efficiency and effectiveness of healthcare, logistics and other warfighting support functions. Enhanced delivery and protection of Positioning, Navigation and Timing (PNT), and development of a resilient, secure, and adaptive tactical IT infrastructure, will improve the Joint Force’s ability to operate in denied, degraded, contested, congested, and operationally limited environments.Logistics FunctionsWarfighting Support FunctionsInnovation is a key element of future readiness. It is essential to preserving and expanding US military competitive advantage in the face of near-peer competition and asymmetric threats. A theme running through the National Defense Strategy—and subordinate strategies like the Artificial Intelligence Strategy—is that preserving and expanding our military advantage depends on our ability to deliver technology faster than our adversaries and the agility of our enterprise to adapt our way of fighting to the potential advantages of innovative technology. The Department will evaluate opportunities for innovation, pursuing those deemed most suitable to address military problems and including those likely to deliver leap-ahead capabilities. JAICEstablish the Joint Artificial Intelligence Center (JAIC) to Accelerate Adoption and Integration of AI-Enabled Capabilities to Achieve Mission Impact at Scale_1c8fd972-ae8c-11e9-b5e7-fc4ee6bfe94d1.1Joint Artificial Intelligence Center (JAIC)The commercial sector is in the midst of a revolution in AI that is reshaping business and society. The 2018 NDS highlights that AI “will change society and, ultimately, the character of war.” The JAIC will accelerate DoD’s adoption and integration of AI capabilities at speed and scale. It will operationalize AI capabilities by overcoming policy, technical, and financial roadblocks that prevent enterprise-level deployment, and by leveraging the capabilities established through DISN modernization (as described in Goal 1, Objective 8). The JAIC will collaborate with DoD Components (e.g. OUSD(R&E), OUSD(I), MILDEPS, Combatant Commands) to synchronize DoD-wide AI activities to enhance operational effectiveness and lethality, and increase efficiency of back-office business functions.Strategy Element 1.1.1Operations_41e82ba0-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_1Stand Up the JAIC and Initiate OperationsStatusInitiation[To be determined]Strategy Element 1.1.2Partnerships_41e8328a-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_2Establish Partnerships with Industry, Academia, and Partner Nations to Ensure State-of-the-Art AI CapabilitiesStatusInitiation[To be determined]Strategy Element 1.1.3Infrastructure Technology Stack_41e83866-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_3Develop and Sustain the Enterprise Infrastructure Technology Stack that Enables AI Capability Deployment at Speed and Scale (JAIC Common Foundation)StatusDevelopmentStatusSustainment[To be determined]Strategy Element 1.1.4AI Leadership_41e83a32-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_4Lead DoD in AI Planning, Policy, Oversight, Ethics, and SafetyStatusLeadership[To be determined]Strategy Element 1.1.5AI Capabilities_41e83cf8-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_5Deliver AI-Enabled Capabilities to Address Key Missions (National Mission Initiatives, Component Mission Initiatives, and Smart Automation Initiatives)StatusDelivery[To be determined]Strategy Element 1.1.6AI Assurance/Certification_41e83fd2-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_6Assure /Certify the AI Algorithms, Data, and Models Developed for JAIC ImplementationsStatusAssuranceStatusCertification[To be determined]Commercial InnovationDeliver a DoD Enterprise Cloud Environment to Leverage Commercial Innovation_270e496a-afbd-11e9-a8f7-f6f9ed84a5a71.2DoD CIODoD CIO will collaborate with DoD Components (e.g., OUSD(R&E), MILDEPS, Combatant Commands) to support achievement of this objective.OUSD(R&E)MILDEPSCombatant CommandsThe advent of commercial cloud capabilities is changing the way DoD develops, delivers, deploys, and ultimately, buys applications, systems, and services. Cloud is the foundation upon which DoD will build and scale more effective cybersecurity, advanced analytical capabilities, better command and control, and future enabling technologies. This foundation will enable the Department to organize massive amounts of data and support rapid access to information for improved decision-making, preserving and extending our military advantage. To better take advantage of this information, the optimized enterprise cloud environment will also provide a platform for advanced capabilities such as machine learning (ML) and AI that are necessary to increase decision-making quality, speed, and lethality. DoD will partner with industry to securely deliver commercial cloud capabilities in alignment with mission requirements and will manage these capabilities across the enterprise, to include the tactical edge (e.g., Denied, Degraded, Intermittent or Limited-bandwidth (D-DIL) environments), for improved effectiveness and efficiency. Strategy Element 1.2.1Cloud_41e841a8-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_7Deliver a General-Purpose Enterprise Cloud for Compute and Store Capabilities (i.e., Joint Enterprise Defense Infrastructure (JEDI))DeliveryDelivered[To be determined]Strategy Element 1.2.2Capabilities_7c4cc196-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_8Identify Common Niche Capabilities to Inform the Creation of Fit for Purpose (F2P) Cloud EnvironmentsIdentificationIdentification[To be determined]Strategy Element 1.2.3Environment_7c4cd028-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_9Provide a DoD On Premise Cloud EnvironmentProvisioningProvided[To be determined]Strategy Element 1.2.4Office_7c4cdadc-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_10Establish an Enterprise Cloud Office to Enable Rapid Acquisition, Deployment, and Migration to Cloud CapabilitiesEstablishmentEstablished[To be determined]Strategy Element 1.2.5Portfolio_7c4ce568-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_11Manage the DoD Portfolio of Cloud CapabilitiesManagementManaged[To be determined]Strategy Element 1.2.6Policy & Guidance_7c4cf0f8-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_12Develop Policy and Guidance to Modernize Application Development (e.g., Lean-Agile Practices)DevelopmentDeveloped[To be determined]Strategy Element 1.2.7DevSecOps Environment_7c4cf6b6-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_13Develop and Deploy a DevSecOps Environment that Enables Application Development and Accreditation at Speed and Scale Integrated with Defensive Cyberspace OperationsDevelopment & DeploymentDevelopedDevelopment & DeploymentDeployed[To be determined]Strategy Element 1.2.8Policy & Guidance_7c4d0020-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_14Develop Policy and Guidance on the Effective Application of DevSecOps PrinciplesDevelopmentDeveloped[To be determined]Strategy Element 1.2.9Resilient Operation_7c4d0b60-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_15Enable Resilient Operation of DoD Functions on Commercial Cloud InfrastructureEnablementEnabled[To be determined]C4Modernize Warfighter Command, Control, Communications, and Computer (C4) Infrastructure and Systems_270e4c94-afbd-11e9-a8f7-f6f9ed84a5a71.3C4 SystemsOUSD(R&E)MILDEPSCombatant CommandsGuide DoD investment to modernize Joint/Allied/Coalition C4 capabilities that support and enable the Joint warfighter. In collaboration with DoD Components (e.g., OUSD(R&E), MILDEPS, Combatant Commands), outline the way ahead for future development, implementation, fielding, and sustainment of strategic and tactical C2 and communications systems. Ensure that solutions are operationally effective in D-DIL circumstances.Strategy Element 1.3.1Strategies, Roadmaps, Plans, & Architectures_41e84432-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_16Strategies - Produce C4 Strategies, Roadmaps, Plans, and ArchitecturesProductionProducedRoadmapsProductionProducedPlansProductionProducedArchitecturesProductionProduced[To be determined]Strategy Element 1.3.2Policies_7c4d115a-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_17Update and Publish Required Tactical Communications PoliciesStatusUpdatedStatusPublished[To be determined]Strategy Element 1.3.3C4 Capabilities_7c4d1b00-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_18Synchronize Enterprise C4 Capabilities through Effective GovernanceSynchronizationSynchronized[To be determined]Strategy Element 1.3.4Radios & Waveform Capabilities_7c4d2730-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_19Modernize Tactical Radios and DoD Tactical Waveform CapabilitiesModernizationModernized[To be determined]Strategy Element 1.3.5Public Safety Communications Enterprise Architecture_7c4d2ce4-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_20Develop and Maintain the Enterprise Architecture for DoD Public Safety CommunicationsStatusDevelopedStatusMaintained[To be determined]Strategy Element 1.3.6EMWN_7c4d3a7c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_21Implement DoD Global Enterprise Mass Warning & Notification (EMWN) CapabilitiesImplementationImplemented[To be determined]Strategy Element 1.3.7GCCS-J_7c4d4710-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_22Modernize the Global Command and Control System - Joint (GCCS-J)ModernizationModernized[To be determined]Strategy Element 1.3.8Satellite Communications_7c4d4d0a-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_23Modernize DoD Satellite Communications Management and ControlModernizationModernized[To be determined]Strategy Element 1.3.9PSCS & WCS_7c4d56f6-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_24Execute the Satellite Communications (SATCOM) Modernization Activities Driven by the Protected Satellite Communications Services (PSCS) Analysis of Alternatives (AoA), the Wideband Communications Services (WCS) AoA, and the Impending Narrowband Satellite Communications AoAExecutionExecuted[To be determined]Strategy Element 1.3.10Management & Control_7c4d6308-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_25Formalize and Implement the Enterprise SATCOM Management and Control Reference ArchitectureFormalization & ImplementationFormalizedFormalization & ImplementationImplemented[To be determined]DataTreat Data as a Strategic Asset_270e4df2-afbd-11e9-a8f7-f6f9ed84a5a71.4The full benefits of decision-making, information sharing, cloud migration, AI, and other DoD objectives stated in this strategy are dependent upon DoD’s data being visible, accessible, understandable, trusted, and interoperable as prescribed by DoD Instruction (DoDI) 8320.07. Data owners and their communities of interest (e.g., financial, logistics, healthcare, human resources, cybersecurity, records management) are responsible for much of the necessary work. However, essential infrastructure (e.g., IT services registry, meta data registry, authoritative data source registry) and defined, standardized data tags or labels do not currently exist. Additionally, the Department has no enterprise search capability to enable discovery of critical DoD data across its network security domains. DoD CIO is collaborating with the DoD CMO and Joint Staff on initiatives to support this objective. Joint Staff is driving development of data standards supporting interoperability. Separately, the FY2018 NDAA established a comprehensive and detailed set of Congressional expectations for the DoD CMO with respect to the treatment of data, summarized as follows: 1) Establish policy and governance for Common Enterprise Data related to business operations and management; 2) Conduct pilot programs to extract this data from relevant systems; 3) Analyze that data to generate insights that answer critical operational and business questions; 4) Evolve the pilots into a Data Management and Analytics Shared Service; and 5) Develop an Implementation Plan. The DoD CMO outlined its approach to Congress in December 2018. Strategy Element 1.4.1Data Tags_41e8473e-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_26Define a Minimum Essential Set of Enterprise Data Tags that Enable the Tenets of DoDI 8320.07Definition[To be determined]Strategy Element 1.4.2Infrastructure_7c4d6920-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_27Invest In and Maintain the Infrastructure Required to Make DoD’s Data Visible, Accessible, Understandable, Trusted, and InteroperableStatusVisibilityStatusAccessibilityStatusUnderstandabilityStatusTrustworthinessStatusInteroperability[To be determined]Collaboration, Partnerships & InteroperabilityStrengthen Collaboration, International Partnerships, and Allied Interoperability_270e4f00-afbd-11e9-a8f7-f6f9ed84a5a71.5North Atlantic Treaty Organization (NATO)AlliesInternational PartnersCoordinate efforts across the DoD, North Atlantic Treaty Organization (NATO), Allies, and other international partners to advance warfighting interoperability and coalition operations. Deepen C4 capability and information sharing. Maximize communications, export/sales, and other Security Cooperation activities with allied partner nations. The Mission Partner Environment (MPE) enables the DoD to collaborate, share information, and conduct operations with mission partners. MPE connects DoD with the whole of U.S. government, Federal, State, local, and tribal government entities, allies, non-governmental organizations, treaty and private sector organizations, and territorial mission partners on a global scale, and supports the full range of military operations, including humanitarian assistance and disaster relief. All Combatant Commands (CCMD) require network interoperability with mission partners to optimize cooperation with a multi-national force. MPE will enable rapid formation of Communities of Interest (COIs) through all phases of military operations and for training and exercises. MPE will provide mission partners access to a set of core services and operational tools for modernized mission execution.Strategy Element 1.5.1MILSATCOM_41e84946-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_28Develop Military Satellite Communications (MILSATCOM) Services, Infrastructure, and Standards with International PartnersDevelopmentDeveloped[To be determined]Strategy Element 1.5.2Processes & Method_7c4d7348-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_29Improve Tactical Communications Waveform Export Processes and Improvement & StandardizationImprovementDevelop a Standardized Method to Address CCMD Connection Requests between US and Allied/Coalition SystemsImprovement & StandardizationStandardization[To be determined]Strategy Element 1.5.3Communications Planning_7c4d802c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_30Advance Civil Emergency Communications Planning with DoD, NATO, Allies, and Other International PartnersAdvancementAdvanced[To be determined]Strategy Element 1.5.4ICAM_7c4d8680-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_31Ensure End-to-End Identity, Credential, and Access Management (ICAM) Interoperability with Key Interagency and International Partners at Appropriate Assurance Levels for the Information Being SharedAssuranceAssured[To be determined]Strategy Element 1.5.5Cryptographic Products_7c4d918e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_32Develop Flexible and Robust Secure Cryptographic Products for Seamless Secure Foreign Partner InteroperabilityFlexibility & RobustnessFlexibleRobust[To be determined]Strategy Element 1.5.6Processes & Decision-Making_7c4d9eb8-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_33Streamline Release Processes and Decision-making to Advance U.S. Security Cooperation StreamliningStreamlined[To be determined]Strategy Element 1.5.7Requirements & Processes_7c4da50c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_34Implement the MPE Requirements and Portfolio Management ProcessesImplementationImplemented[To be determined]Strategy Element 1.5.8Information Sharing_7c4db4de-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_35Rationalize Coalition C2 and Intelligence Information Sharing CapabilitiesRationalizationRationalized[To be determined]Strategy Element 1.5.9Capability & Services_7c4dba92-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_36Deliver the DoD MPE Capability and ServicesDeliveryDelivered[To be determined]ConnectivityEnsure National Leadership Command Capabilities (NLCC) Assured Connectivity_270e5022-afbd-11e9-a8f7-f6f9ed84a5a71.6The NLCC will provide diverse, accurate, integrated, survivable, secure, and timely assured communication pathways that allow national leadership to execute national and military command responsibilities. Strategy Element 1.6.1Conferencing_41e84bc6-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_37Evaluate Current Conferencing Capability and If Required, Develop a Methodology that Improves Secure, Survivable ConferencingCapabilityEvaluatedImproved[To be determined]Strategy Element 1.6.2Collection & Display_7c4dc3f2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_38CollectionEnhancementEnhancedDisplayEnhancementEnhanced[To be determined]Enhance Current Data Collection and Display Processes to Provide Senior Leadership-Quality Decision-Making InformationStrategy Element 1.6.3Process_7c4dd392-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_39Develop a Process that Delivers a Classified, Secure, and Mobile Solution that Meets Senior Leadership RequirementsDeliveryDelivered[To be determined]Strategy Element 1.6.4Security_7c4dda7c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_40Enhance the Security of the Supply Chain for Continuity of Operations, Continuity of Government, and Senior Leader Command, Control, and Communications System (SLC3S) Communications ProgramsEnhancementEnhanced[To be determined]PNTEnhance the Delivery and Protection of Positioning, Navigation, and Timing (PNT)_270e513a-afbd-11e9-a8f7-f6f9ed84a5a71.7Ensure positioning, navigation, and timing (PNT) availability and access. Precision strike, navigation, and network synchronization are dependent on the accuracy and dissemination of PNT signals predominantly provided at the present time by the Global Positioning System (GPS) and terrestrial atomic clocks. Improving the capability of the Joint Force (and Allies as appropriate) to operate in a GPS-denied or GPS-degraded environment requires a two-pronged effort: 1) decrease reliance on GPS-centric solutions by using Modular Open Systems Approaches (MOSA) to incorporate promising alternative/complementary PNT capabilities into Joint Force PNT devices; and 2) As improvements become operationally available, increase military GPS resilience by incorporating modernized GPS satellite, control, and user equipment capabilities. The strategy elements within this objective support all three Department strategic goals: Increase Lethality, Develop Alliances, and Reform Business Practices. Strategy Element1.7.1Approaches_41e84efa-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_41Pursue DoD Implementation of a Modular Open Systems Approaches and Collaborative Modeling and Simulation (M&S) Approach for PNT CapabilitiesImplementationImplemented[To be determined]Strategy Element 1.7.2Roadmap_7c4de620-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_42Develop and Publish the DoD PNT Science and Technology (S&T) Roadmap in Coordination with the Under Secretary of Defense for Research and Engineering (USD(R&E))Development & PublicationDevelopmentPublication[To be determined]Strategy Element 1.7.3MGUE_7c4df3cc-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_43Track and Assist in Modifying Plans for Military GPS User Equipment (MGUE) Development and ProductionTracking & AssistanceTrackedAssisted[To be determined]Strategy Element 1.7.4Capabilities_7c4dfa84-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_44Field Modernized PNT Capabilities with the Air Force and Our International AlliesFieldingFielded[To be determined]Strategy Element 1.7.5Partnerships_7c4e0632-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_45Develop Navigation Warfare (NAVWAR) Partnerships with Closely Allied NationsDevelopmentDeveloped[To be determined]Strategy Element 1.7.6Capabilities_7c4e13de-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_46Evaluate and Demonstrate Complementary PNT Capabilities to Support Domestic Critical Infrastructure in Cooperation with Civilian Agencies (Department of Transportation (DOT) and Department of Homeland Security (DHS))Evaluation & DemonstrationEvaluatedEvaluation & DemonstrationDemonstrated[To be determined]Strategy Element 1.7.7Oversight_7c4e1a78-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_47Exercise the DoD PNT Enterprise Oversight Council, Executive Management Board, and Supporting Working Groups, To Ensure the DoD PNT Enterprise Provides a Military PNT Advantage to the WarfighterAdvantage[To be determined]Strategy Element 1.7.8Issuances_7c4e2658-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_48Develop New (and Maintain Existing) DoD Issuances to Facilitate Policy Implementation and Ensure DoD Component Compliance for the DoD PNT EnterpriseDevelopment & ComplianceDevelopedDevelopment & ComplianceCompliance[To be determined]Strategy Element 1.7.9Data Collection_7c4e342c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_49Continue to Institutionalize the PNT Data Repository Data Collection ProcessInstitutionalizationInstitutionalized[To be determined]DISNModernize Defense Information Systems Network (DISN) Transport Infrastructure_270e5248-afbd-11e9-a8f7-f6f9ed84a5a71.8The promised benefits from cloud computing, big data analytics, mobility, IoT, increased automation, and cognitive computing can only be fully realized with a suitable network. Modernization of the DISN is necessary to improve performance, capability, capacity, agility, and security, while reducing cost and complexity. Greatly enhanced bandwidth capacity and increased network resiliency support use of DoD-wide services and consolidation of critical IT systems, applications, and services from local installations to core data centers and the DoD enterprise cloud environment. Convergence on Everything over Internet Protocol (EoIP) and demand for information services, such as streaming video and real-time collaboration capabilities, are further driving transport infrastructure bandwidth capacity and Quality of Service requirements. Modernization initiatives underway will drastically reduce the number of network connections needed at any given Base/Post/Camp/Station (B/P/C/S) by consolidating to an all-IP infrastructure sharing a common network connection that can be virtualized for specific mission needs and cybersecurity protection. Significant efficiencies will be gained by migrating to a standardized set of protocols and network connection types, requiring fewer hardware types to operate, maintain, and refresh. The Joint Regional Security Stack (JRSS) improves mid-point network security, reduces attack surface, and improves situational awareness. Furthermore, it provides failover, diversity, mitigation, and resilient cybersecurity capabilities as a means to assure timely delivery of critical information to warfighters around the globe.Strategy Element 1.8.1Optical Transport_41e8513e-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_50Upgrade Optical TransportUpgradingUpgraded[To be determined]Strategy Element 1.8.2Mid-Point Security_7c4e3b0c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_51Enhance Mid-Point Security by Implementing JRSS and Joint Management System (JMS)ImplementationImplemented[To be determined]Strategy Element 1.8.3MPLS_7c4e4732-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_52Build Out Multi-Protocol Label Switching (MPLS) Router Network with Quality of Service and Performance MonitoringBuild OutBuilt Out[To be determined]Strategy Element 1.8.4SDN_7c4e55b0-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_53Implement Software Defined Networking (SDN)ImplementationImplemented[To be determined]Strategy Element 1.8.5ATM_7c4e5c90-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_54Eliminate Asynchronous Transfer Mode (ATM) and Low Speed Time Division Multiplexed (TDM) CircuitsEliminationEliminated[To be determined]Strategy Element 1.8.6IPv6_7c4e6ad2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_55Implement Internet Protocol version 6 (IPv6)ImplementationImplemented[To be determined]Networks & ServicesModernize and Optimize DoD Component Networks and Services_270e5374-afbd-11e9-a8f7-f6f9ed84a5a71.9In order to achieve a modernized and effective force, the Department needs to consolidate and streamline capability delivery to support an evolving mission environment. The Department requires a secure, consistent, and cost efficient network to conduct operations and business functions. Modernization of the DoD IT infrastructure requires a focus on network and service optimization that converges DoD networks, Service Desks, and Network/Service Operation Centers into a consolidated, secure, and effective environment capable of addressing current and future mission objectives. Standardizing and modernizing the IT infrastructure and services eliminates unnecessary systems and allows the Department to focus finite resources across fewer areas, ultimately shrinking the Department's threat surface in cyberspace. Additionally, this convergence should yield reduced facility utilization. The initial phase of this effort includes Fourth Estate organizations, with the objective to reduce the number of networking environments, move to a single service provider, and size the number of Network Operations Centers/Security Operations Centers (NOCs/SOCs) for greatest efficiency and effectiveness.Strategy Element 1.9.1Networks_41e853dc-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_56Consolidate and Optimize Fourth Estate NetworksConsolidation & OptimizationConsolidatedConsolidation & OptimizationOptimized[To be determined]Strategy Element 1.9.2Service DesksNumber_7c4e7a40-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_57Consolidate the Number of Fourth Estate Service Desks into a Single Service Support EnvironmentConsolidationConsolidated1[To be determined]Strategy Element 1.9.3NOCs/SOCs_7c4e8170-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_58Consolidate and Optimize the Fourth Estate Network Operation Centers/Security Operations Centers (NOCs/SOCs)Consolidation & OptimizationConsolidatedConsolidation & OptimizationOptimized[To be determined]Strategy Element 1.9.4Best Practices_7c4e8e22-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_59Establish Best Practices for Component Use of Commercial Service Providers in Their Optimization and Modernization Efforts EstablishmentEstablished[To be determined]AISR DTProvide End-to-End Airborne Intelligence, Surveillance, and Reconnaissance (AISR) Data Transport (DT)_270e5496-afbd-11e9-a8f7-f6f9ed84a5a71.10Develop programmed capabilities and non-material processes to provide end-to-end AISR DT capabilities to globally dispersed strategic, operational, and tactical consumers (DoD and mission partners) at the time, place, quantity, and quality they require. AISR DT capabilities are defined as the signal transmission systems and processes required to move data from airborne platforms to required data consumers at the point of need. In support of Joint Requirements Oversight Council (JROC) tasking, 5 DoD has established an AISR DT executive steering function and a joint Integration Task Force to provide direction for development of AISR transport capabilities and processes throughout the systems development lifecycle. Strategy Element 1.10.1Capabilities_41e8576a-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_60Establish Capabilities to Support Ingest, Accumulation, and Global Delivery of AISR Data from Multiple Platforms/SourcesEstablishmentEstablished[To be determined]Strategy Element 1.10.2Tactical Relays_7c4e9d0e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_61Build Tactical Relays for Sensor Platform Connectivity to Local Users and the DISNConstructionConstructed[To be determined]Strategy Element 1.10.3BLOS_7c4ea484-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_62Provide Global Satellite Gateways for Direct Beyond Line of Sight (BLOS) Connectivity Between AISR Platforms and the DISNConnectivityProvided[To be determined]Strategy Element 1.10.4Network Operations_7c4eb104-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_63Establish Network Operations to Support End-to-End Situational Awareness and Proactive Network ManagementEstablishmentEstablished[To be determined]Strategy Element 1.10.5Transport Capabilities_7c4ec040-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_64Provide Direction for Future Platform Transport Capabilities DirectionProvided[To be determined]Information SharingImprove Information Sharing to Mobile Users_270e55c2-afbd-11e9-a8f7-f6f9ed84a5a71.11Mobile UsersThe ongoing evolution of computing technology to mobile devices offers unprecedented opportunities to advance the operational effectiveness of the DoD. Through faster access to information and computing power from any location, field units will be able to maneuver in unfamiliar environments with real-time mapping and data overlay capabilities; friendly forces will be identified with greater accuracy; engineers and technicians will have streamlined identification and ordering of mechanical parts; and military healthcare providers will be able to better diagnose injuries and remotely access lab results while away from hospital premises. Additionally, by enabling real-time access to important management and productivity tools (e.g., e-mail, collaboration), warfighter support functions will be able to more effectively manage the business of the DoD. The end result of enhanced enterprise mobility will be: • Increased availability and use of secure, mobile, wireless platforms across the Department - including within D-DIL circumstances • Access to multiple classification levels of plug and play using authorized government devices with minimal configuration Strategy Element 1.11.1Purchasing_41e859e0-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_65Streamline the Purchasing of Mobile Devices and Services across the DoD EnterpriseStreamlining[To be determined]Strategy Element 1.11.2Portfolio Management_7c4ec7ac-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_66Improve Mobile Policies, Processes, and Procedures to Ensure Efficient and Effective Portfolio ManagementEfficiency & Effectiveness[To be determined]Strategy Element 1.11.3Credentials_7c4ed436-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_67Expand Use of Derived Credentials for MobileUsageExpansion[To be determined]Strategy Element 1.11.4Applications_7c4ee3c2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_68Develop Applications of Tactical MobilityDevelopment[To be determined]Strategy Element 1.11.5Device Security_7c4eeb4c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_69Establish a Mobile Device Security Architecture and Risk Management Approach in Collaboration with Five Eyes (FVEY) Mission PartnersStatusSecurity ArchitectureStatusRisk Management Approach[To be determined]Strategy Element 1.11.6FirstNet_7c4ef7b8-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_70StatusWay-AheadStatusPolicyEstablish DoD Way-Ahead, Policy, and Plans for Use of the National First Responder Network (FirstNet) in Support of DoD Public Safety CommunicationsStatusPlans[To be determined]Strategy Element 1.11.75G_7c4f0a00-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_71DoD Will Be an Early Adopter of 5G and Develop Applications to Leverage 5G Advanced CapabilitiesStatusAdoptionStatusApplication Development[To be determined]EMSOEvolve the DoD to Agile Electromagnetic Spectrum Operations (EMSO)_270e5702-afbd-11e9-a8f7-f6f9ed84a5a71.12Develop a resilient, secure, and adaptive tactical IT infrastructure capable of operating within a contested, congested, and operationally limited EMS environment for Joint EMSO sensing, planning, management, and execution in order to enable U.S. dominance in all warfighting domains. DoD CIO will collaborate with DoD Components (e.g., OUSD(R&E), MILDEPS, Combatant Commands) to support achievement of this objective.Strategy Element 1.12.1Data Sharing_41e85ca6-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_72Establish an EMSO Multi-Tiered Architecture Capable of Sharing EMS Data Between All Services and Agencies at All Classification LevelsCapability[To be determined]Strategy Element 1.12.2Network Infrastructure_7c4f1252-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_73Establish a Resilient, Secure, and Adaptive EMSO IT Network InfrastructureStatusResiliencyStatusSecurityStatusAdapability[To be determined]StandardsDrive Standards into DoD IT Systems_270e5838-afbd-11e9-a8f7-f6f9ed84a5a71.13As required by Section 909 of the NDAA for FY2018, the DoD CIO will lead development, implementation, and enforcement of an IT, networking, and cybersecurity standards process for the Department. DoD CIO will collaborate with Department stakeholders, such as OUSD(A&S), OUSD(R&E), and Joint Staff, in assessment and revision of the current processes, governance, policy, and standards. As part of this process, guidance for leveraging North Atlantic Treaty Organization (NATO) Standardization Agreements (STANAGs), as well as commercial and governmental standards, will be provided. A critical desired outcome of this overall effort is increased interoperability. The DoD CIO envisions opportunities for synergy between compliance with standards and the Department’s overall digital modernization efforts. Strategy Element 1.13.1Gaps_41e8605c-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_74Assess and Identify Gaps in Policy for IT, Networking, Data, and Cybersecurity StandardsStatusIdentificationStatusResolution[To be determined]Strategy Element 1.13.2Strategy_7c4f1fc2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_75Develop Strategy for Addressing Gaps in Processes, Governance, Policy, and StandardsStatusDevelopment[To be determined]Strategy Element 1.13.3Implementation_7c4f3034-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_76Implement Revised Processes, Governance, Policy, and StandardsStatusImplemented[To be determined]Strategy Element 1.13.4Compliance_7c4f382c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_77Monitor and Enforce Compliance with Revised Processes, Governance, Policy, and StandardsEnforcementCompliance[To be determined]Efficiency & CapabilitiesOptimize for Efficiencies and Improved Capability_270e59be-afbd-11e9-a8f7-f6f9ed84a5a72Delivering IT capabilities with greater efficiency and performance requires the Department to reform the way it operates. In particular, the evaluation and implementation of suitable industry best current practices and proven technologies must be greatly accelerated, and oversight of IT spending must be improved. The objectives in this goal include shifting to an enterprise-wide operations and defense model; right-sizing DoD data centers; optimizing office productivity and collaboration capabilities, optimizing voice and video capabilities; improving purchasing through enterprise agreements; strengthening partnerships with industry; and strengthening IT financial management and accountability. Mission Impact: This goal supports reform of the Department’s business practices (NDBOP Goal #3). It accomplishes this through such means as deploying shared and DoD-wide services; rationalizing DoD applications and systems for migration into core data centers, component enterprise data centers, and the DoD enterprise cloud environment; streamlining the technology approval process; and strengthening IT financial decision making. Enterprise-Wide ModelShift from Component-Centric to Enterprise-Wide Operations and Defense Model_270e5bbc-afbd-11e9-a8f7-f6f9ed84a5a72.1Shifting from Component Centric to Enterprise Network Operations will provide the capabilities necessary to enable operations centers - responsible for executing DODIN Operations and Defensive Cyber Operations-Internal Defense Measures (DCO-IDM) activities - to more effectively and efficiently secure, operate, and defend the DODIN. The vision is to ensure that DoD military commanders, civilian leadership, warfighters, coalition partners, and other authorized non-DoD mission partners have access to information and data provided in a secure, reliable, and agile DoD-wide information environment to enable C2 of forces performing cyberspace operations. The JIE Management Network enables operations centers to securely manage the DODIN and its elements. A fully converged DODIN IT Service Management solution is envisioned to support change management, configuration management, asset management, knowledge management, and service level management. Strategy Element 2.1.1Operations Centers_41e862fa-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_78Enable Global and Regional Operations CentersEnablementEnabled[To be determined]Strategy Element 2.1.2Management Network_7c4f4588-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_79Establish and Implement the JIE Management Network for JRSSEstablishment & ImplementationEstablishedImplemented[To be determined]Strategy Element 2.1.3ITSM Solutions_7c4f5618-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_80Converge DODIN IT Service Management (ITSM) SolutionsConvergenceConverged[To be determined]Strategy Element 2.1.4COP Solutions_7c4f5e2e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_81Converge DODIN Operation Common Operation Picture (COP) SolutionsConvergenceConverged[To be determined]Data CentersOptimize DoD Data Centers_270e5cde-afbd-11e9-a8f7-f6f9ed84a5a72.2DoD Data CentersIn accordance with Federal guidance,6 DoD is optimizing the Department's data center facility footprint and the management and operation of those facilities. Ultimately, DoD's Information Enterprise will consist of a streamlined number of data centers that effectively and efficiently meet DoD's broad range of missions—from recruiting to acquisition management to command and control. As part of the optimization process, Installation Processing Nodes must be re-designated as Closing, an Installation Service Node, a Special Purpose Processing Node, or a Component Enterprise Data Center. The re-designation will be driven by an assessment of the systems and applications (if any) which must remain. DoD will migrate applications and systems to select data centers; optimize select data centers for performance first, then cost; and consolidate data centers where practical.Strategy Element 2.2.1Applications & Systems_41e865fc-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_82Migrate DoD Applications and Systems that Cannot be Hosted in Commercial Cloud Environments to Enterprise Data CentersMigrationMigrated[To be determined]Strategy Element 2.2.2Data Centers_7c4f6be4-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_83Optimize Select Data Centers for Performance First, Then CostOptimizationOptimized[To be determined]Strategy Element 2.2.3Installation Processing Nodes_7c4f7cec-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_84Re-designate Installation Processing Nodes in Accordance with the Department's Current Data Center Optimization ApproachRe-DesignationRe-Designated[To be determined]Strategy Element 2.2.4Data Center Inventory_7c4f858e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_85Manage the DoD Data Center Inventory for Mission NeedManagementManaged[To be determined]Productivity & CollaborationOptimize DoD Office Productivity and Collaboration Capabilities (ECAPS Capability Set 1)_270e5e14-afbd-11e9-a8f7-f6f9ed84a5a72.3DoD's cloud strategy is a main component in the overall efforts to modernize the Department's information technology, with the objective of achieving a Department-wide enterprise cloud computing ecosystem. As an integral part of that strategy, the Defense Enterprise Office Solution (DEOS) will enable the Department to improve interoperability and enhance cybersecurity across DoD operational boundaries. DEOS will put collaboration and productivity capabilities in the hands of every DoD employee and warfighter to more effectively and efficiently accomplish their missions. DEOS will offer an interoperable solution for timely and seamless collaboration and information-sharing across operational boundaries and including D-DIL environments. DEOS is the first capability set solution within the DoD Enterprise Collaboration and Productivity Services (ECAPS) portfolio.Strategy Element 2.3.1DEOS_41e869e4-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_86Designate DEOS as a DoD Enterprise Service with all DoD Components Required to AdoptStatusDesignationAdoption[To be determined]Strategy Element 2.3.2Pilots_7c4f9362-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_87Monitor and Assess All Pilots for Implementation Pitfalls and Challenges, including D-DILMonitoring & AssessmentMonitoredAssessedRoll All Lessons Learned from Early Cloud Adopters into DEOSImplemented[To be determined]Strategy Element 2.3.3DEOS_7c4fa6c2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_88Field DEOS (including in D-DIL Environments) and Fielding & MigrationFieldedComplete Migration of All DoD UsersCompleted[To be determined]Voice & VideoOptimize DoD Voice and Video Capabilities (ECAPS Capability Sets 2 & 3)_270e5f7c-afbd-11e9-a8f7-f6f9ed84a5a72.4Modernizing existing voice and video capabilities is critical for the Department to achieve integrated and seamless DoD-wide communication in an effective and financially sound way. Existing DoD voice and video services are largely outdated. They include a mix of obsolete circuit-based switch systems and video technology reliant on non-IP transport that is being phased out by commercial carriers. Eliminating these systems and transitioning to an integrated IP environment across Components will allow DoD to: 1) Optimize voice and video service, and 2) Effectively manage operating costs as commercial carriers escalate sustainment costs for remaining non-IP service. The DoD will also close a significant operational gap in current 9-1-1 capabilities and enhance force protection with the implementation of the Next-Generation 9-1-1 (NG911) national standard. Once implemented, that standard will operate on IP-enabled emergency networks - allowing constituents on DoD installations to make a 9-1-1 "call" from any communication device in any mode (e.g., voice, text, or video) - and provide interoperability with civilian mission partners.Strategy Element 2.4.1Voice & Video_41e86cb4-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_89Define and Deploy an Optimized Enterprise Voice and Video Solution across the Department (e.g., ECAPS Capability Sets 2 and 3)Definition & DeploymentDefinedDeployed[To be determined]Strategy Element 2.4.2C2 Voice Solution_7c4fafaa-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_90Define and Deploy an Optimized DoD C2 Voice SolutionDefinition & DeploymentDefinedDeployed[To be determined]Strategy Element 2.4.3Analog Phone Switch_7c4fbdec-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_91Eliminate DoD’s Legacy Analog Phone Switch InfrastructureEliminationEliminated[To be determined]Strategy Element 2.4.4NG911_7c4fcfa8-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_92Establish DoD Way-Ahead, Policy, and Plans for Employment of Next Generation 9-1-1 (NG911)StatusEstablishedPolicyEstablishmentEstablishedPlansEstablishmentEstablished[To be determined]Category ManagementImprove IT Category Management_270e60c6-afbd-11e9-a8f7-f6f9ed84a5a72.5Category management is an approach the Federal Government is applying to eliminate redundancies, increase efficiency, and deliver savings from acquisition programs. DoD is aligning its IT Category Management with the Federal IT Category Management efforts by pursuing strategic sourcing (e.g., enterprise license agreements (ELA)) for the acquisition of commercial IT software, hardware, services, and telecommunications. DoD’s IT Category Management is designed to save time and money by leveraging commercial IT requirements across DoD Components to negotiate more favorable terms in purchasing agreements and maximize discounts through enterprise volume purchasing solutions. The result of IT Category Management will be: • Decreased procurement overhead costs by reducing the number of duplicative commercial IT purchasing vehicles • Reduced procurement costs by consolidating orders for common commercial IT • Lower unit costs for common commercial IT goods and services by maximizing discounts through enterprise purchasing solutions • Reduced costs of procuring and maintaining underutilized IT assets by improving asset visibility to reduce excess inventories • Improved IT contract and license terms and conditions by using a qualified IT acquisition workforce to align enterprise agreements with DoD requirements • Utilization of enterprise acquisition vehicles that enable the DoD to leverage economies of scale • Improved product support services by including terms for minimum service levels for applicable commercial support services in enterprise agreementsStrategy Element 2.5.1ELAs_41e86ff2-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_93Continue to Establish ELAs for IT Software, Hardware, Services, and TelecommunicationsStatusEstablished[To be determined]Strategy Element 2.5.2ELAs_7c4fd868-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_94Expand ELAs to Address Other IT Categories (e.g., IT Security) Based on OMB GuidanceExpansionExpanded[To be determined]Strategy Element 2.5.3Category Management Policy_7c4fe858-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_95Establish DoD Category Management PolicyStatusEstablished[To be determined]Strategy Element 2.5.4Asset Management_7c4ffaa0-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_96Implement DoD IT Asset ManagementImplementationImplemented[To be determined]Technology DeploymentImprove Rapid Technology Deployment Processes_270e621a-afbd-11e9-a8f7-f6f9ed84a5a72.6One persistent challenge for DoD has been that acquisition processes have kept the Department from being able to adopt new technology in a timely manner. DoD will bring new technology in house much faster through three approaches: streamlining the technology approval process, leveraging innovative technology development practices such as Digital Engineering, and leveraging approved processes such as Other Transactional Agreements (OTAs). All of these approaches will enable the Department to reap the benefits of greater efficiency and security.Strategy Element 2.6.1Approval Process_41e87420-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_97Streamline the Technology Approval ProcessStreamliningStreamlined[To be determined]Strategy Element 2.6.2OTAs_7c5003a6-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_98Leverage the Power and Agility of Other Transactional Agreements (OTAs)LeveragingLeveraged[To be determined]Financial ManagementStrengthen IT Financial Management Decision Making and Accountability_270e64f4-afbd-11e9-a8f7-f6f9ed84a5a72.7The Component Financial Improvement Plans (FIPs), when summarized collectively, compose the Department's Financial Improvement and Audit Readiness (FIAR) Plan. The DoD Components' FIPs are prepared and executed in accordance with FIAR Guidance issued by the Office of the Under Secretary of Defense (Comptroller) (OUSD(C)). The FIAR Guidance provides the strategy and standard methodology, as well as the step-by-step approach for discovery and evaluation; documenting, testing, and strengthening controls; and achieving an audit ready systems environment. Existing and future systems will need to satisfy joint general and application level control requirements identified in the FIAR Guidance and the Federal Information System Controls Audit Manual (FISCAM). In addition, Departmental investments made in Internal Use Software, purchased (Commercial Off the Shelf (COTS)) or internally developed, must be accounted for in a manner that addresses financial statement auditability requirements. To strengthen IT financial management and oversight, the FY2018 NDAA requires the DoD CIO to review each military department's and each Defense Agency's proposed budget against the responsibilities outlined in Title 10 USC 142(b) paragraph (1) and submit to the Secretary of Defense a report containing the comments of the CIO with respect to all such proposed budgets, together with the certification of the CIO regarding whether each proposed budget is adequate.Strategy Element 2.7.1Audit Readiness_41e87722-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_99Support Audit Readiness for Financial and Mixed Systems that Impact Financial ReportingSupportSupported[To be determined]Strategy Element 2.7.2Accountability & Auditability_7c501256-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_100Improve Accountability and Auditability for Internal Use Software InvestmentsImprovementImproved[To be determined]Strategy Element 2.7.3Oversight & Certification_7c5024b2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_101Implement FY2018 NDAA Requirements Regarding Oversight and Certification of Component IT BudgetsStatusImplemented[To be determined]CybersecurityEvolve Cybersecurity for an Agile and Resilient Defense Posture_270e665c-afbd-11e9-a8f7-f6f9ed84a5a73The scope, pace, and sophistication of malicious cyberspace activity continues to rise globally. Growing dependence on the cyberspace domain for nearly every essential civilian and military function makes this an urgent issue that must be addressed. DoD overmatch in conventional and strategic weaponry may be overcome through sophisticated attacks within cyberspace, supply chain exploitation across the acquisition and sustainment lifecycle, and intelligence operations targeting insiders with access. The Department must adopt a "Cyber First, Cyber Always"7 mindset and be prepared to defend DoD systems in a contested cyberspace. Every network, system, application and enterprise service must be secure by design, with cybersecurity managed throughout the acquisition lifecycle. The Department will maintain system confidentiality, integrity, and availability by defending against avenues of attack used by sophisticated adversaries. Mission Impact: This goal secures the information technologies and data that enable the Joint Force to gain information advantage, strike at long distance, and exercise global command and control. It supports all three NDBOP goals (Increase Lethality, Strengthen Alliances, Reform Business Practices) and the cybersecurity-focused objectives of the DoD Cyber Strategy. It achieves efficiencies by reforming the DoD Risk Management Framework; delivers capabilities to preserve the US military competitive advantage and assure mission completion; and strengthens collaboration with interagency, international and industry partners. ArchitectureTransform the DoD Cybersecurity Architecture to Increase Agility and Strengthen Resilience_270e67b0-afbd-11e9-a8f7-f6f9ed84a5a73.1The Department’s approach to cybersecurity is documented in the DoD Cybersecurity Reference Architecture (CSRA), which guides and constrains how network boundaries, mobile and fixed end points, and data are protected. The DoD CSRA is developed in collaboration with DoD Component stakeholders (e.g., OUSD(R&E), DISA, NSA, MILDEPS, Combatant Commands). It reflects key cybersecurity principles: isolation, containment, redundancy, layers of defense, least privilege, situational awareness, and physical/logical segmentation of networks, services, and applications. The resulting protections contribute to a resilient defense posture and achievement of three cybersecurity objectives: • The DODIN - to include the data on the network - is defended as a virtual single information environment through the use of common processes and capabilities. • Cyberspace-defenses sense and respond to external and internal threats and take appropriate remediation. mitigation. and restoration actions. • Command and control of forces that operate on the DODIN is supported by shared cybersecurity situational awareness of the network as a whole. IT security findings are shared and reused throughout the Department to the greatest extent practical.Strategy Element 3.1.1Security & Monitoring_41e87a7e-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_102Improve Endpoint Security and Continuous MonitoringImprovementImproved[To be determined]Strategy Element 3.1.2Perimeter Protection_7c502de0-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_103Enhance Enterprise Perimeter Protection CapabilitiesEnhancementEnhanced[To be determined]Strategy Element 3.1.3Comply-to-Connect_7c503f24-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_104Establish Enterprise Comply-to-Connect CapabilityStatusEstablished[To be determined]Strategy Element 3.1.4Insider Threat Detection_7c505306-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_105Deploy Insider Threat Detection CapabilitiesStatusDeployed[To be determined]Strategy Element 3.1.5Data Center Security_7c505ca2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_106Strengthen Data Center SecurityStrengtheningStrengthened[To be determined]Strategy Element 3.1.6SHB_7c506b8e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_107Standardize on Windows 10 Secure Host Baseline (SHB)StandardizationStandardized[To be determined]Strategy Element 3.1.7Patch Management_7c507eb2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_108Implement Automated Patch Management AutomationAutomated[To be determined]Strategy Element 3.1.8Situational Awareness_7c508880-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_109Enhance Cybersecurity Situational Awareness through Big Data AnalyticsEnhancementEnhanced[To be determined]Strategy Element 3.1.9Cryptography_7c50978a-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_110Modernize the Cryptographic Inventory and Supporting InfrastructureModernizationModernized[To be determined]ICAMDeploy an End-to-End Identity, Credential, and Access Management (ICAM) Infrastructure_270e6972-afbd-11e9-a8f7-f6f9ed84a5a73.2DoD must promote implementation of enterprise ICAM to support rapid access to mission information, strengthen responsible information sharing and attribution with allies and partners, and support greater effectiveness and efficiency through mobile adoption and migration to the cloud. ICAM encompasses the full range of activities related to creation of digital identities and maintenance of associated attributes, credential issuance for person/nonperson entities, authentication using the credentials, and making access management control decisions based on authenticated identities and associated attributes. ICAM creates a secure and trusted environment where any user can access all authorized resources (including applications and data) to have a successful mission, while also letting DoD know who is on the network at any given time. Among its benefits, ICAM also supports correction of weaknesses reported in the notification of findings and recommendations (NFR) from the 2018 defense-wide financial audit. Strategy Element 3.2.1Public Key_41e87f06-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_111Expand Public Key Enablement Capabilities to Support ICAMEnablementExpanded[To be determined]Strategy Element 3.2.2Account Provisioning_7c50aac2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_112Implement Automated Account Provisioning AutomationImplemented[To be determined]Strategy Element 3.2.3Multi-Factor Authentication_7c50b8dc-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_113Implement Support for Approved Multi-Factor Authentication CapabilitiesStatusImplemented[To be determined]Strategy Element 3.2.4EIAS_7c50c8fe-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_114Enhance Enterprise Identity Attribute Service (EIAS)EnhancementEnhanced[To be determined]Strategy Element 3.2.5Derived Credentials_7c50de66-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_115Expand the Use of Derived CredentialsUsageExpanded[To be determined]Strategy Element 3.2.6Identity & Attributes_7c50ed8e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_116Implement a Data Centric Approach to Collect, Verify, Maintain, and Share Identity and Other AttributesData CentricityImplemented[To be determined]Strategy Element 3.2.7Authentication_7c5101ac-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_117Common Standards - Improve and Enable Authentication to DoD Networks and Resources through Common Standards, Shared Services, and FederationImprovement & EnablementImplementedServicesImprovement & EnablementSharedFederationImprovement & EnablementSupported[To be determined]Strategy Element 3.2.8ICAM_7c5115de-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_118Deploy Shared Services Promoting the Implementation of Enterprise ICAMShared ServicesDeployed[To be determined]Strategy Element 3.2.9Monitoring & Logging_7c512470-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_119Enable Consistent Monitoring and Logging to Support Identity Analytics for Detecting Insider Threats and External AttacksEnablementEnabled[To be determined]Strategy Element 3.2.10Governance Structure_7c51351e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_120Enhance the Governance Structure Promoting the Development and Adoption of Enterprise ICAM SolutionsEnhancementEnhanced[To be determined]Strategy Element 3.2.11Policies & Standards_7c514888-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_121Create DoD Policies and Standards Clearly Defining Requirements for Identification, Credentialing, Authentication, and Authorization Lifecycle ManagementCreationCreated[To be determined]Unclassified Networks & SystemsProtect Sensitive DoD Information and Critical Programs and Technologies on Defense Industrial Base (DIB) Unclassified Networks and Information Systems_270e6ada-afbd-11e9-a8f7-f6f9ed84a5a73.3DoD relies on the Defense Industrial Base to develop advanced technologies and warfighting capabilities. Adversaries exploit DIB unclassified internal networks and information systems, stealing sensitive information in order to kill, counter, or clone DoD's warfighting capabilities before they are delivered to DoD. To improve the safeguarding of this information, DoD CIO, OUSD(A&S), OUSD(R&E), the Principal Cyber Advisor, and other stakeholders are collaborating on a multipronged approach that incorporates voluntary cyberspace threat information sharing, mandatory cybersecurity standards for defense contractor unclassified internal information systems and networks, and cybersecurity reporting of incidents that affect DoD controlled unclassified information on defense contractor unclassified internal information systems and networks. DoD CIO is a key stakeholder in the implementation of the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012, "Safeguarding Covered Defense Information and Cyber Incident Reporting" requiring industry to implement adequate security for their information systems that process DoD controlled unclassified information, including at a minimum the security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. DoD CIO also oversees the DIB Cybersecurity (CS) Program. The DIB CS Program is DoD’s public-private cybersecurity threat collaboration partnership through which classified and unclassified cybersecurity threat information is shared with DIB participants. The DoD Cyber Crime Center (DC3) is the operational focal point for the program, analyzing cybersecurity threats, developing a common operational threat picture, and sharing mitigations with industry, DoD, and interagency partners. DC3 is also the designated single DoD focal point for receiving all cybersecurity incident reporting affecting unclassified networks of DoD contractors from industry and other government agencies. OUSD(A&S) is utilizing pathfinders to assure DIB cybersecurity requirements and expand cybersecurity threat information sharing to non-cleared defense contractors. These pathfinders will examine (1) a standard cybersecurity maturity model certification for DIB companies, (2) external cybersecurity validation of DIB companies with on-premise Controlled Unclassified Information (CUI) data through commercial 3rd party companies, and (3) internal cybersecurity validation of DIB company volunteers with off-premise CUI data in commercial clouds through FFRDC and UARC partners.Strategy Element 3.3.1Procedures_41e88244-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_122Support Development of Consistent Procedures to Assess Contractor Compliance with Cybersecurity RequirementsDevelopmentDeveloped[To be determined]Strategy Element 3.3.2NIST SP 800-171_7c515710-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_123Support Efforts to Update NIST SP 800-171 to Address Advanced Persistent ThreatsUpdatingUpdated[To be determined]Strategy Element 3.3.3Participation_7c516750-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_124Increase Participation in the DIB Cybersecurity ProgramIncreaseIncreased[To be determined]Strategy Element 3.3.4Information Sharing_7c517d1c-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_125Expand Cybersecurity Threat Information Sharing to Non-Cleared Defense ContractorsExpansionExpanded[To be determined]Strategy Element 3.3.5Cybersecurity Pathfinders_7c518c3a-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_126Plan and Execute DIB Cybersecurity PathfindersPlanning & ExecutionPlannedExecuted[To be determined]Risk ManagementReform DoD Cybersecurity Risk Management Policies and Practices_270e6c6a-afbd-11e9-a8f7-f6f9ed84a5a73.4DoD will reform its cybersecurity risk management policies and practices to be more effective, yet responsive to the needs of the warfighter. DoD’s risk management approach requires prioritizing critical systems and assets; identifying and mapping mission risks; and tailoring cybersecurity implementation to mission dependencies. Furthermore, increasing dependence on commercial technologies and services (e.g. commodity IT, Industrial Control Systems, cloud services), coupled with the interdependent nature of cyberspace, requires more robust engagement to increase international cooperation, pro-actively shape standards, expand the use of software and hardware assurance methods, and address global supply chain risks. Finally, the DoD Risk Management Framework process will be reformed to improve effectiveness and efficiency, while ensuring it does not unnecessarily hinder the development and deployment of systems supporting the warfighter.Strategy Element 3.4.1Framework Reform_41e885dc-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_127Advance Risk Management Framework Reform to Ensure it is More Efficient and AdaptableAdvancementAdvanced[To be determined]Strategy Element 3.4.2Cybersecurity Risk_7c519cac-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_128Ensure Cybersecurity Risks are Planned for and Managed Throughout the Acquisition LifecycleManagementManaged[To be determined]Strategy Element 3.4.3Supply Chain Risk_7c51b084-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_129Enhance Processes to Address Enterprise-Wide Supply Chain RisksReductionReduced[To be determined]Strategy Element 3.4.4Portfolio Management_7c51bf66-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_130Strengthen the DoD Cybersecurity Portfolio Management ProcessStrengtheningStrengthened[To be determined]Strategy Element 3.4.5Assurance_7c51d046-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_131Expand the Use of Proven Software and Hardware Assurance MethodsExpansionExpanded[To be determined]Strategy Element 3.4.6Cooperation_7c51e432-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_132Build and Maintain Robust International Cybersecurity Cooperation EffortsRobustnessIncreasing[To be determined]Strategy Element 3.4.7Standards_7c51f350-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_133Increase DoD Participation in Setting Federal Government and International Commercial Cybersecurity StandardsParticipationIncreased[To be determined]Digital WorkforceCultivate Talent for a Ready Digital Workforce_270e6e04-afbd-11e9-a8f7-f6f9ed84a5a74Digital WorkforceCompetition for high quality, experienced digital workforce personnel is constant and increasingly aggressive. The Department of Defense is one of the three largest markets for this talent in the United States due to its size, its continuous adoption and adaptation of technology, and its extensive mission requirements. Critical national infrastructure protection in particular is a global growth industry. DoD is executing a new Functional Community Maturity Model for management of DoD civilians. The DoD CIO will implement this model for elements of the Cyber Workforce and expand implementation of more agile recruiting, training, and retention capabilities through expansion of the Cyber Excepted Service personnel system, incentives, and local supplements. Work continues on development of baseline qualification requirements for over 50 cyber work roles. This will provide the workforce with a common understanding of the concepts, principles, and applications of cyberspace functions to enhance interoperability across organizational lines and mission sets. Mission Impact: Accomplishing this goal will produce an appropriately sized workforce of well-trained, highly qualified professionals to support and defend the DoD Information Enterprise. It will also develop an agile and responsive workforce management system capable of meeting the Department's current and emerging cyberspace mission requirements. This goal primarily supports rebuilding military readiness and increasing the lethality of the Joint Force (NDBOP Strategic Goal #1).Cyber Functional CommunityStrengthen Cyber Functional Community Management_270e6f80-afbd-11e9-a8f7-f6f9ed84a5a74.1Cyber Functional CommunityImprove business practices to promote strategic management and development of the civilian cyber workforce.Strategy Element 4.1.1Maturity Model_41e88b18-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_134Implement the Functional Community Maturity Model for the IT and Cybersecurity Categories of the Cyber WorkforceImplementationImplemented[To be determined]Strategy Element 4.1.2Role Gaps_7c5204b2-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_135Identify and Target Work Role Gaps of Critical Need for the Cyber (IT and Cybersecurity) WorkforceIdentification & TargetingIdentifiedTargeted[To be determined]Acquisition WorkforceStrengthen the IT Acquisition Workforce_270e7110-afbd-11e9-a8f7-f6f9ed84a5a74.2Acquisition WorkforceDevelop and sustain a cyber workforce cadre skilled in the application of strategic planning processes and agile acquisition capabilities for the attainment of secure technologies and software.Strategy Element 4.2.1Competencies_41e88e88-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_136Strengthen IT Acquisition Workforce CompetenciesStrengtheningStrengthened[To be determined]Strategy Element 4.2.2Curriculum & Capabilities_7c521b82-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_137Update Curriculum Requirements and Updating & MaintenanceUpdatedMaintain Continuous Learning CapabilitiesUpdating & MaintenanceMaintained[To be determined]Cyber WorkforceEnhance Cyber Workforce Recruiting, Retention, Education, Training, and Professional Development_270e7322-afbd-11e9-a8f7-f6f9ed84a5a74.3Cyber WorkforceIn 2018, DoD commenced conversion to a new, more agile personnel program developed specifically for the Cyber Workforce. This program will continue to expand in functionality and scope as additional organizations and individuals convert to Cyber Excepted Service, providing hiring managers with greater options for sourcing candidates and the ability to offer more competitive compensation packages. A new Cyber Workforce Qualification Program is also under development which incorporates flexible attainment of credentials and performance-based assessments to achieve a DoD-wide standard baseline of cyberspace capabilities. Strategy Element 4.3.1Excepted Service_41e89284-3e67-11ea-8d15-af51eb8dec8ePLACEHOLDER_138Expand Implementation of Cyber Excepted ServiceExpansionExpanded[To be determined]Strategy Element 4.3.2Program_7c522b5e-3f13-11ea-b00b-83c02e538c1ePLACEHOLDER_139Implement Cyber Workforce Qualifications ProgramImplementationImplemented[To be determined]_41e89842-3e67-11ea-8d15-af51eb8dec8e2019-07-122023-09-302019-07-25https://media.defense.gov/2019/Jul/12/2002156622/-1/-1/1/DOD-DIGITAL-MODERNIZATION-STRATEGY-2019.PDF_41e89bd0-3e67-11ea-8d15-af51eb8dec8eOwenAmburOwen.Ambur@verizon.net