It is with pleasure that i present this third edition of the nato lessons learned handbook to. Nato nations and nato civil and military bodies shall ensure that the basic principles and minimum standards of security set forth in this cm are applied to safeguard classified information from loss of confidentiality, integrityand availability. An excellent example for close cooperation for such an information management system in nato is the awacssystem. This includes enterprise architecture, data center optimization, privacy, freedom of information act, civil liberties, information sharing, electromagnetic spectrum, cybersecurity, and it policy compliance. Directive on the public disclosure of nato information 16 jan. Nato framework of information management 8 processed. Allied joint doctrine for communication and information systems. Financial and administrative policies and procedures manual. For ease of reference, a compendium, containing the two security policy documents cm200249 and cm200250 and the abovementioned supporting.
The policy on the public disclosure of nato information ppd establishes a framework for the orderly and efficient declassification and public disclosure of nato information. The north atlantic treaty organization nato is an alliance of 26 countries from north. Nato strategic communications policy public intelligence. Records and archives management in the united nations.
Jul 12, 2018 the north atlantic treaty organization is a military alliance of countries from europe and north america promising collective defense. Both documents require that nato information of permanent value be identified and preserved and that information with temporary value be destroyed at the end of its retention period. Capture and manage aggregated information about entities that are relevant to the conduct and context of nato joint major and small operations at various levels of intensity in a crisis response or collective defence context, manage the behaviour of entities in time and space that are relevant. Such policy issues are not unique to the military domain, however. Safeguarding and controlling communications security material. Dod information assurance certification and accreditation process diacap reference h, dodi 8410. Security within the north atlantic treaty organisation cm200249 c. This briefing is intentionally general so it may be used by all u. Explosives safety munitions risk management esmrm 02 june 2015 the following is an introduction to a informative paper on an important piece of work which has been conducted in recent years to address the need for nato munitions risk management policy and procedures. Information management policies enable organizations to control and track things like how long content is retained or what actions users can take with that content. Information exchange requirements ier and information exchange models iem robert suzi c1,1 and choongho yi1 1 combitech ab, command and control systems, torshamnsgatan 32 a, se164 84 stockholm, sweden robert. Access request form for nato archives reading room. Nato continues to attract new members and missions indicating there may be more value to be found in this 61yearold organization.
Information security msit from the eindhoven university of technology and is a senior cyber security consultant with many years of experience in information security, cyber resilience, risk management, and privacy within governmental, critical and vital organizations. James sadler, us army officer at nato arrc, march 14, 2016. Nato information is exempt from downgrading or declassification without the prior consent of nato. It remains a useful source of lessons learned related information within nato, but its scope extends beyond the organization as well. Information management strategic framework 2 information management strategic framework 3 what tax office people think is important 01 create a single authoritative source 02 take a whole of revenue system view 03 apply information dynamically 04 make sure information meets clients needs 05 meet all of our responsibilities 06 reduce duplication and rework.
These airplanes easily recognized by their typical huge round radom on their back are the backbone of the nato airborne warning and control system awacs, controlling the airspace for air policing and airspace control in. Cm20090021, policy on the retention and disposition of nato information. Overarching military committee mc policy and direction on nato operations planning, including planning authorisation and the layout of formal nato hq documentation. Identify and protect national security information and cui in accordance with nationallevel policy issuances. Introduction this financial and administrative policies and procedures manual is a comprehensive reference of policies, procedures and general information concerning the operation of the financial department of the. All officials within dcma who hold command, management, or supervisory positions have specific, nondelegable responsibility for the quality of implementation and management of the information security infosec program within their areas of responsibility. North atlantic council, cm20070118, titled the nato information management.
The joint staff information management division imd is one of two divisions which make up. Nato does have a more developed policy toward sharing information with non nato partner states and international organizations ios. Nci agency nato communications and information agency acquire, deploy and defend communications systems for natos political decisionmakers and commands. Financial and administrative policies and procedures manual 712016 6302017 page 1 of 22 1.
North atlantic treaty organisation corrigendum to cm200249 dated 17 june 2002 amendment 12 1. Record titles and descriptions are on the army records information management system website at. This directive establishes the procedures and assigns roles and responsibilities for implementing the ppd. Relevant information gathered from these meetings are reported to exco or dgims as appropriate. Multiple niapc categories can be assigned to a security mechanism group.
As this directive supports collectively the nato information management policy, the nato policy on cyber defence and the policy on security within the north atlantic treaty organisation, it defines also cis security requirements for nato civil and military bodies to protect nato cis handling nonclassified information. The policy is supported by implementing directives and by retention and disposition schedules that identify the retention periods and the. Allied joint doctrine for communication and information. Records created as a result of processes prescribed by this regulation must be identified, maintained, and disposed of according to ar 254002. In 2016, the eu and nato adopted a joint declaration that laid the ground for a new type of relationship. The stanag, and its supporting nato publications, provides guidance on managing the configuration of products and services. Currently numbering 29 nations, nato was formed initially to counter the communist east and has searched for a new identity in the post cold war world. Response to the crisis in ukraine and security concerns. D20080031rev1, nato cis policy to support capability management, version 1. This security briefing contains the minimum elements of information that must be provided to individuals upon initial indoctrination for access to nato classified information. Explosives safety munitions risk management esmrm msiac.
The organizational structure must be capable of managing this information throughout the information lifecycle regardless of source or format data, paper documents, electronic documents, audio, video, etc. There are shown ways of achieving c2is interoperability in nato. The policy is supported by implementing directives and by retention and disposition schedules that identify the retention periods and the permanent or temporary value of particular types of nato information. C structure and responsibilities for spectrum management in the north atlantic treaty organization c1. Joint staff information management division while discouraged, if a personal email account must be used to conduct joint staff business, the sender must either send a copy of the original email to an official government email account, or forward a complete copy of the email to an official government email account no later than 20 days after the. Recent internationalisation effort of the swedish armed forces has. Nato archives policy on the retention and disposition of nato information extracts introduction. Nato libguides are webbased research guides that contain publicly available information from the internet that have been handpicked by the nato multimedia library staff. According to the nato approved policy on public disclosure, documents of thirty years old or older which have been declassified and approved for public disclosure are available for consultation. Infosec management directive for gis the first four directives ac35d20002003 were approved by council reference.
The statement this document contains nato classified information will be affixed to the front cover or first page, if there is no cover. Managing nato s nuclear business centers on the politics of the nuclear issue and how the military or nuclear balance is perceived. Ajp6 edition a, version 1, allied joint doctrine for communication and information systems, which has been approved by the nations in the military committee joint standardization board, and is. This directive applies to all nato information falling within the scope of the nato. Handling nato information identified during automatic declassification processing december 12, 2008. To enable implementation of these principles, a joint c2 structure that is understood at all levels is required to facilitate the clear, timely, and secure distribution of guidanceorders, situation reports, and coordinating information. Km is peoplecentric, and focuses on people gaining and sharing knowledge to aid decisionmaking through interaction, organizations, and processes, making it better and faster in a. This policy establishes the information security regulatory framework for information being processed in electronic form for the act government. This document supported the previous version of nato information management policy nimp po9947 nato public disclosure policy and directive. This involves attending nima working group meetings and syndicates to discuss and draft information management strategy, policy, and guidance for all of nato. Agreement to standardize procedure and policy for configuration management cm used by nato nations in multinational joint projects. A north atlantic treaty organization architectural framework considerations a1. The security mechanism groups are created to assist in providing traceability of security countermeasures identified in security risk assessment through to the selection of security enforcing products. They are by no means a comprehensive collection but provide a good starting point.
It is dod policy, in accordance with reference b, to. Nato unclassified document security committee primary. The libguides have been created for topics that are of current interest to nato s mission. Introduction to information management policies sharepoint. In the past decade, the commitment of nato and its partner nations to the protection of civilians in the planning and conduct of operations and missions has been underpinned by the development of a diverse body of policies and guidelines, in areas such as children and armed conflict, women peace and security, and conflictrelated sexual and genderbased violence. Nato information management worldwide publish your master. If it has been marked nato by the originating nation, it must be assumed to contain information released to nato, and it is controlled under the nato security program. There were twelve signatories, including the united states, canada and britain full list below.
Nato military policy on information operations references p020090141, nato strategic communications policy, 29 sep 2009 mc 034 final, nato s operations planning, 07 jan 2011 mcm01642009, nato strategic communications policy, 29 sep 2009 mcm00852010 revised, military concept for nato strategic communications, 11 aug 2010. Pdf 230kb directive on the management of records generated on operational deployment 27 feb. Support to the nato information management authority nima working group. Stanag 4427 on configuration management in system life cycle management is the standardization agreement stanag of nato nations on how to do configuration management cm on defense systems. This directive establishes the procedures and assigns roles and responsibilities for. Ajp3 edition c version 1 x nato bisc dir 401 integrating unscr 25 and gender perspectives in the nato command structure nato bisc dir 080006 lessons learned aco directive 801 lessons learned aco directive 8070 campaign synchronization and joint targeting in nato aco directive 080104 nato force integration units dated 09 august 2016 ac35d1040 rev 6 supporting document on information. This policy is published by the north atlantic council and is authorised for public. Some of his most prominent work was in regard to a large dutch. Promote information sharing, facilitate judicious use of resources, and simplify management through implementation of uniform and standardized processes. The office of chief information officer ocio is responsible for providing information management and information technology it policy and governance oversight for the don. Information owners should use the information security assessment template to assist with determining information security requirements. Ac324d20120003, nato strategy for the long term preservation of digital information b.
Gaining and sharing information and knowledge nato. Nato information management policy nimp cm20070118 b. Todays information environment, characterized by a 247 news cycle, the rise of social networking sites, and the interconnectedness of audiences in and beyond nato nations territory, directly affects how nato actions are perceived by key audiences. Information exchange requirements ier and information. Nato unclassified releasable to albaniacroatia document c. The nato legal gazette is published as an information and knowledge management initiative, focused on improving the understanding of complex issues and facilitating information sharing. Nato unclassified nato military policy on information operations references p020090141, nato strategic communications policy, 29 sep 2009 mc 034 final, nato s operations planning, 07 jan 2011 mcm01642009, nato strategic communications policy, 29 sep 2009 mcm00852010 revised, military concept for nato strategic communications, 11 aug 2010. The case may serve as the basis for broad discussions of nato strategy andor nato s management of sensitive issues of nuclear weapons and arms control. Directive on the preservation of nato digital information of permanent value references. Gazette is not a formal nato document and does not represent the official opinions or positions of nato or individual nations unless specifically stated. Nci agency nato communications and information agency acquire, deploy and defend communications systems for nato s political decisionmakers and commands.
Tasked with delivering critical capabilities, including. Nato security policies, supporting directives and guidance documentation call for the implementation of security measures and use of security products to protect information processed, stored or transmitted handled in communication, information, other electronic systems, and supporting system services and resources, against loss of confidentiality, integrity or availability. An information management policy is a set of rules for a type of content. The paper deals with concept and importance of nato command and control information systems c2is interoperability. The ict security policy derives its authority from the act government protective security policy framework pspf and supplements the pspf with policies to support information security. Nato unclassified ac324d20140010rev2 nato unclassified 3 references a cm20070118, nato information management policy, dated 11 december. Information security oversight office national archives. Geographic information quality management, iso standardization, nato standardization agreement, interoperability summary the main issue in geographic information quality management giqm and standardization.
Capability development publication series innovation in operations assessment. Geographic information quality management and standardization in finnish defence forces kari ingberg, finland key words. The nato information service was established by council resolution on may 18, 1950, in order to promote and coordinate public information in furtherance of the objectives of the treaty, while leaving responsibility for national programmes to each country. Nato was created by the north atlantic treaty, also called the washington treaty, which was signed on april 5th 1949. Nato s intelligence and warning system, natos operational planning system and nato s crisis response sy stem.
Policy on the retention and disposition of nato information. The crisis management system rests on the four main pillars. Access to full text articles in the military domain, from some of janes online products e. B joint consultation, command and control interoperability b1. It addresses the roles, responsibilities, processes and products from the strategic, operational and tactical commands, and the political guidance and oversight inherent in this process. This document establishes the policy on the retention and disposition of nato information as called for in the nato information management policy nimp 1. Joint staff information management division united states. This directive is published by the security committee in cis security format scciss in support of the nato information management policy nimp, the policy on security within the north atlantic treaty organisation, the enhanced nato policy.
Knowledge management and information management are different, but necessary aspects in todays hq decisionmaking. The libguides have been created for topics that are of current interest to natos mission. This includes enterprise architecture, data center optimization, privacy, freedom of information act, civil liberties, information sharing. Nato information generated by a nato element or national information generated by a nato member nation. Command and control information systems interoperability in nato. The head of nato s military operations is the supreme allied commander europe, a position always held by an american so their troops dont come under foreign command, answering. Information management policy nimp, and is mandatory. The nato policies and directives related to information management is another example of. Nato unclassified document archives committee directive on. Reference act protective security policy framework act information security guidelines territory records standards for records management corporate fact sheet. Information security oversight office national archives and records administration 700 pennsylvania avenue, nw washington, dc 20408. Information, as we know it today, includes both electronic and physical information. Responsible for connecting the alliance, defending its networks, and providing rapid support to nato operations and missions. The policy will be supported by implementing directives on the management of records within nato, including a directive on managing records.