NONAPPROPRIATED FUND (NAF)
INFORMATION TECHNOLOGY (IT)

Supporting our Joint Warfighters and their families with joint, collaborative, technology solutions


NAF IT Working Group
Per DoDI 1015.16, the NAFI IT Working Group is responsible for tracking Military Service and Exchange implementation of DoDI 1015.16 requirements, establishing and defining BMA activities, scope, and responsibilities, and coordinating technology modernization efforts and standards across the DoD NAFI IT Enterprise. The NAF IT WG meets periodically to review and discuss challenges amongst Services and Exchanges and opportunities for cross-Services and Exchanges collaboration.
NAF IT Policy DoDI 1015.16 Change 1
DoDI 1015.16 "NONAPPROPRIATED FUND INSTRUMENTALITIES INFORMATION TECHNOLOGY POLICIES AND PROCEDURES Change 1"

One Page Summary - DoDI 1015.16


DoDI 1015.16 establishes policy, assigns responsibilities, and provides procedures for reciprocal acceptance of authorization decisions and artifacts of DoD NAF Instrumentalities (NAFIs) governed by DoDI 1015.15 for the authorization and connection of NAFI IT.  DoDI 1015.16 establishes NAFI IT governance charged with ensuring all relevant parties are aware and informed participants in the maintenance and strategic development of NAF IT cybersecurity.
NAF IT Cybersecurity
DOD AI Policy and Information:
https://www.ai.mil/Initiatives/Responsible-AI/ 

Chief Digital and Artificial Intelligence Office (CDAO) Information:

Policy and Guidance: https://www.ai.mil/Initiatives/Responsible-AI/   
AI Risk Toolkits: https://rai.tradewindai.com/ 

New DOD CIO AI Focus Group established:
AI Focus Group

CMMC 2.0 - Final Rulemaking completed - Acquisition rulemaking in progress.
Only to affect APF Services and Contracts!
https://dodcio.defense.gov/CMMC/

Business Impact Analysis Template
BIA Final Template_RMF

DOD Cyber Workforce Framework and DODD 8140.01
https://public.cyber.mil/wid/dcwf/

DOD Cloud Access Point Updates and SRG - Need a Waiver?
https://public.cyber.mil/dccs/

Cybersecurity Resource and Reference Guide
Executive Order on Improving the Nation's Cybersecurity

DoD CIO Cybersecurity Policy:
DoDI 8500.01, "Cybersecurity"
DoDI 8510.01, "Risk Management Framework (RMF) for DoD Information Technology (IT)"
DoDI 8530.01, "Cybersecurity Activities Support to DoD Information Network Operations"
DoDI 8310.01, "Information Technology Standards in the DoD"
DoDI 8560.01, "Communications Security (COMSEC) Monitoring"
DoDI 8582.01, "Security of Non-DoD Information Systems Processing Unclassified Nonpublic DoD Information"
DoDI 8910.01, "Information Collection and Reporting
                                                                                                                OUSD P-R NAF Technology Officer, Craig Brindle
                                                                                                                                    OUSD P-R NAF  IT Technology Officer, Craig Brindle
NAF IT Business Mission Area
The NAF IT Business Mission Area (BMA) will identify common IT and cybersecurity policy vision, goals, desired capabilities, and outcome-measures based on participating (DoD NAFI) input and guidance. The goal of the BMA is to create NAF enterprise-wide representation and advice on NAF IT issues and advocate for DoD NAFIs collectively.