NONAPPROPRIATED FUND (NAF)
INFORMATION TECHNOLOGY (IT)
NAF IT Policy
NAF IT Policy supports IT functions used or managed by MWR, Military Services' exchanges, DoD Lodging, or other Nonappropriated Fund Instrumentalities (NAFIs).
NAF IT Policy DoDI 1015.16
DoDI 1015.16 "NONAPPROPRIATED FUND INSTRUMENTALITIES INFORMATION TECHNOLOGY POLICIES AND PROCEDURES"

One Page Summary - DoDI 1015.16

DoDI 1015.16 establishes policy, assigns responsibilities, and provides procedures for reciprocal acceptance of authorization decisions and artifacts of DoD NAF Instrumentalities (NAFIs) governed by DoDI 1015.15 for the authorization and connection of NAFI IT.  DoDI 1015.16 establishes NAFI IT governance charged with ensuring all relevant parties are aware and informed participants in the maintenance and strategic development of NAF IT cybersecurity.
NAF IT Business Mission Area
The NAF IT Business Mission Area (BMA) will identify common IT and cybersecurity policy vision, goals, desired capabilities, and outcome-measures based on participating (DoD NAFI) input and guidance. The goal of the BMA is to create NAF enterprise-wide representation and advice on NAF IT issues and advocate for DoD NAFIs collectively.
NAF IT Working Group
Per DoDI 1015.16, the NAFI IT Working Group is responsible for tracking Military Service and Exchange implementation of DoDI 1015.16 requirements, establishing and defining BMA activities, scope, and responsibilities, and coordinating technology modernization efforts and standards across the DoD NAFI IT Enterprise. The NAF IT WG meets periodically to review and discuss challenges amongst Services and Exchanges and opportunities for cross-Services and Exchanges collaboration.