COMDTINST 5230.67
(6) Delegating the execution of IA practices to the roles defined herein.
b. Enterprise Steward. CG-6 provides enterprise-level stewardship of the policies and practices
associated with C4&IT systems. The Enterprise Steward monitors the health, effectiveness, and
efficiency of IA and ensures organizational compliance. The Enterprise Steward has the
following IA responsibilities:
(1) Managing the IA process. This includes developing and sustaining practices for
Certification and Accreditation, Security Management, and IA Architecture.
(2) Proactively communicating, educating, and training Coast Guard C4&IT personnel in IA
practices to ensure effective implementation of IA in all stages of the life cycle.
c. Asset Manager. The Asset Manager is designated by CG-6 to guide, oversee, and monitor IA
policies and practices for an assigned system. An asset is a system, product (e.g., Commercial-
off-the-Shelf equipment, information, policy), data, service, capability, or resource that is
available, managed, delivered, applied, supported, or sustained on an enterprise scale by the CG-
6 organization in collaboration with its supporting program sponsor and manager, customers, and
external stakeholders, System Development Agent (SDA), and System Support Agent (SSA).
The Asset Manager shall collaborate with the Sponsor's Representative, SDA, and SSA to
ensure alignment and compliance with the Coast Guard's System Development Life Cycle
(SDLC) policies and practices. The Asset Manager has the following IA responsibilities:
(1) Ensuring that resource estimates are realistic and adequate and have considered IA in all
aspects of the SDLC.
(2) Collaborating with the Sponsor's Representative, SDA, and SSA to facilitate alignment and
compliance with Coast Guard IA policies and practices.
(3) Maintaining a set of metrics to ensure that IA is being met during system development,
performance, and maintenance.
(4) Developing and recommending changes to IA policies and practices, as necessary, to
enhance the quality of C4&IT IA practices.
(5) Facilitating resolution of issues among the Sponsor's Representative, SDA, SSA, and other
programs.
d. Sponsor. The Sponsor is the organizational element that articulates goals, validates
requirements, acquires resources, and accepts C4&IT capability needed to support a Coast Guard
mission. The Sponsor has the following IA responsibilities:
(1) Ensuring that IA requirements are addressed throughout the life cycle of each system.
(2) Ensuring that resources are available for IA practices, that these practices are followed, and
that the system can operate at an acceptable level of risk prior to receiving Authority to
Operate the system.
(3) Coordinating with the network DAA to receive Authority to Connect.
(4) Designating the Sponsor's Representative.
(5) Designating the Program Manager.
e. Program Manager. The Program Manager is the Sponsor's designated manager who is
responsible for development and production of program requirements. The Program Manager
advocates the end user's concerns and establishes or maintains mechanisms to ensure that the
3