COMDTINST 5230.67
4. INFORMATION ASSURANCE ROLES AND RESPONSIBILITIES. The Commandant (CG-6)
organization works proactively with all entities involved in the system life cycle. Figure 1: CG-6
Roles and Relationships Framework, illustrates the key roles involved and their relationships. The
remainder of this paragraph describes the roles, relationships, and responsibilities as they relate to
this policy.
CG-6
Sponsor
Budget & Resources
Policy & Practices
Enterprise
Program Manager
Steward
Asset
Sponsor's
------------------
------------------
Manager
Rep
Rqmts, CONOPS
SDLC, EA, Rqmts Mgmt,
CPIC
Customers
System
Users
Stakeholders
SDA/SSA
SDA
SSA
------------------
------------------
Development Management
Support Management
Development Execution
Support Execution
System Development & Support
Figure 1: CG-6 Roles and Relationships Framework
a. CG-6. The Chief Information Officer (CIO). The CIO is responsible for implementing IA
throughout the Coast Guard. The CIO shall lead the IA program by partnering with all Sponsors
and Program Managers to plan, design, develop, deploy, and maintain C4&IT systems that
incorporate robust IA safeguards designed to meet Coast Guard-wide mission and business
requirements and minimize risk to Coast Guard C4&IT systems, information, and personnel.
CG-6 has the following IA responsibilities:
(1) Maintaining and approving IA policy and practices. CG-6 shall establish an IA Policy
Review Board, comprising representatives from various stakeholder groups, to develop and
maintain IA policy and practices.
(2) Ensuring that the IA program is developed and managed in accordance with Federal IT laws
and policy, national and international standards, Department of Homeland Security (DHS)
policies and standards, applicable Department of Defense (DoD) policy and standards, and
specific Memoranda of Understanding between the Coast Guard and other agencies.
(3) Ensuring that IA is an integral part of life cycle management for all C4&IT systems
developed or maintained within the Coast Guard.
(4) Designating Coast Guard organizations or individuals to develop and maintain the practices
and products that support and implement IA. These designations shall be published and
kept current by CG-6.
(5) Delegating authority to the Delegated Accrediting Authority (DAA) to issue or withdraw the
authority to operate or connect.
2
Previous Page
