| AES |
Advanced Encryption Standard |
| AFC4A |
Air Force C4 Agency |
| AFIWC |
Air Force Information Warfare Center |
| AFI |
Air Force Instruction |
| AFOSI |
Air Force Office of Special Investigation |
| AFPD |
Air Force Policy Directive |
| ANSI |
American National Standards Institute |
| A&A |
Assessment and Authorization |
| ASD(C31) |
Assistant Secretary of Defense for Command, Control, Communication and Intelligence |
| ATM |
Asynchronous Transfer Mode |
| AMIDS |
Audit Monitoring and Intrusion Detection System |
| ATD |
Authorization Termination Date |
| ATC |
Authorization to Connect |
| ATO |
Authorization to Operate |
| AO |
Authorizing Official |
| AODR |
Authorizing Official Designated Representative |
| ADP |
Automated Data Processing |
| AIS |
Automated Information Systems |
| AIMS |
Automated Infrastructure Management System |
| ASIMS |
Automated Security Incident Measuring System |
| ASSIST |
Automated System Security Incident Support Team |
| BIOS |
Basic Input and Output System |
| BMA |
Business Mission Area |
| CISA |
C4I Integration Support Activity |
| CAL |
Category Assurance List |
| CSS |
Central Security Service |
| CERT/CC |
CERT/Coordination Center |
| C&A |
Certification and Accreditation |
| C&A WG |
Certification and Accreditation Working Group |
| CA |
Certification Authority |
| CJCS |
Chairman of the Joint Chiefs of Staff |
| CJCSI |
Chairman, Joints Chiefs of Staff Instruction |
| CIO |
Chief Information Officer |
| CCA |
Clinger-Cohen Act |
| CFR |
Code of Federal Regulations |
| C2 |
Command and Control |
| C2W |
Command and Control Warfare |
| C4 |
Command, Control, Communications, and Computers |
| C4ISR |
Command, Control, Communications, Computer, Intelligence, Surveilance and Reconnaisssance |
| COTS |
Commericial Off-the-Shelf |
| CNSS |
Committee on National Security Systems |
| CNSSI |
Committee on National Security Systems Instruction |
| CNSSP |
Committee on National Security Systems Policy |
| CAC |
Common Access Card |
| CC |
Common Criteria |
| COE |
Common Operating Environment |
| COMSEC |
Communications Security |
| CSIR |
Computer (and Network) Security Incident Response |
| CERT |
Computer Emergency Response Team |
| CIAC |
Computer Incident Advisory Capability |
| CIRT |
Computer Incident Response Team |
| CITAC |
Computer Investigation and Infrastructure Threat Assessment Center |
| CMDS |
Computer Misuse Detection System |
| CNA |
Computer Network Attack |
| CNDSP |
Computer Network Defense Service Provider |
| CSA |
Computer Security Act |
| CSSO |
Computer Systems Security Officers |
| CMS |
COMSEC Management System |
| CONOPS |
Concept of Operations |
| CCB |
Configuration Control Board |
| CAP |
Connection Approval Program |
| CCI |
Control Correlation Identifier |
| CUI |
Controlled Unclassified Information |
| CI |
Counterintelligence |
| CAAP |
Critical Asset Assurance Program |
| CIAO |
Critical Infrastructure Assurance office |
| CIP |
Critical Infrastructure Protection |
| CIPWG |
Critical Infrastructure Protection Working Group |
| CD |
Cross Domain |
| CDS |
Cross-Domain Solution |
| DARPA |
Defense Advanced Research Projects Agency |
| DCPDS |
Defense Civilian Personnel Data System |
| DIACCS |
Defense IA Command and Control System |
| DSAWG |
Defense IA Security Accreditation Working Group |
| DIB |
Defense Industrial Base |
| DIAP |
Defense Information Assurance Program |
| DII |
Defense Information Infrastructure |
| DISN |
Defense Information System Network |
| DISA |
Defense Information Systems Agency |
| DITSWG |
Defense Information Technology Security Working Group |
| DIA |
Defense Intelligence Agency |
| DIAMOND |
Defense Intrusion Analysis & Monitoring Desk |
| DMC |
Defense MegaCenter |
| DMS |
Defense Message System |
| DREN |
Defense Research and Engineering Network |
| DSS |
Defense Security Service |
| DATO |
Denial of Authorization To Operate |
| DoD |
Department of Defense |
| DoDD |
Department of Defense Directive |
| DODIN |
Department of Defense information networks |
| DoE |
Department of Energy |
| DoN |
Department of the Navy |
| DASD |
Deputy Assistant Secretary of Defense |
| DASD(DT&E) |
Deputy Assistant Secretary of Defense for Developmental Test and Evaluation |
| DCMO |
Deputy Chief Management Office |
| DAA |
Designated Approving Authority (DAA) |
| DT&E |
Developmental Test and Evaluation |
| DES |
Digital Encryption Standard |
| DTM |
Directive-Type Memorandum |
| DCI |
Director of Central Intelligence |
| DCID |
Director of Central Intelligence Directive |
| DNI |
Director of National Intelligence |
| DIRNSA |
Director, National Security Agency |
| DOT&E |
Director, Operational Test and Evaluation |
| DIDS |
Distributed Intrusions Detection System |
| DoD CIO |
DoD Chief Information Officer |
| DCE |
DoD Cyber Exchange |
| DIACAP |
DoD Information Assurance Certification and Accreditation Process |
| DoD ISRMC |
DoD Information Security Risk Management Committee |
| DITPR |
DoD Information Technology Portfolio Repository |
| DoDI |
DoD Instruction |
| DoDIIS |
DoD Intelligence Information System |
| DITSCAP |
DoD IT Security Certification and Accreditation Process |
| DoDM |
DoD Manual |
| DIMA |
DoD Portion of the Intelligence Mission Area |
| DNS |
Domain Name Servers |
| ETA |
Education, Training and Awareness |
| ETAPWG |
Education, Training, Awareness and Professionalization Working Group |
| EFOIA |
Electronic Freedom of Information Act |
| EIEMA |
Enterprise Information Environment Mission Area |
| EITDR |
Enterprise Information Technology Database Repository |
| eMASS |
Enterprise Mission Assurance Support Service |
| E/APL |
Evaluated Approved Product |
| EAL |
Evaluation Assurance Level |
| EOP |
Executive Office of the President |
| FIPSPUB |
Federal Information Processing Standard Publication |
| FISMA |
Federal Information Security Management Act |
| FTS |
Federal Telecommunications Service |
| FSO |
Field Security Office |
| FIWC |
Fleet information Warfare Center |
| FN |
Foreign National |
| FIRST |
Forum of Incident Resonse and Security Teams |
| FOIA |
Freedom of information Act |
| GAO |
General Accounting Office |
| GSA |
General Services Administration |
| GCSS |
Global Combat Support System |
| GCCS |
Global Command and Control System |
| GIG |
Global Information Grid |
| GOSC |
Global Operations and Security Center |
| GOTS |
Government Off-the-Shelf |
| GSII |
Government Services Information Infrastructure |
| GMITS |
Guidelines for the Management of IT Security |
| HBSS |
Host Based Security System |
| IRS |
Incident Reporting Structure |
| IRT |
Incident Response Team |
| I&W |
Indications and Warning |
| IA |
Information Assurance |
| IAD |
Information Assurance Document |
| IAG |
information Assurance Group |
| IAM |
Information Assurance Manager |
| IAO |
Information Assurance Officer |
| IAPWG |
Information Assurance Policy Working Group |
| IASE |
Information Assurance Support Environment |
| IATAC |
Information Assurance Technology Analysis Center |
| IAVA |
Information Assurance Vulnerability Alert |
| IO |
Information Operations |
| INFOCONs |
Information Operations Conditions |
| IRM |
Information Resource Management |
| ISRMC |
Information Security Risk Management Committee |
| IS |
Information System |
| ISSM |
Information System Security Manager |
| ISSO |
Information System Security Officer |
| INFOSYS |
Information Systems |
| INFOSEC |
Information Systems Security |
| IT |
Information Technology |
| ITMRA |
Information Technology Management Reform Act |
| IW |
Information Warfare |
| IW-D |
Information Warfare – Defensive |
| IPMO |
INFOSEC Program Management Office |
| IRC |
INFOSEC Research Council |
| IPTF |
Infrastructure Protection Task Force |
| IEEE |
Institute for Electrical and Electronics Engineers |
| IC |
Intelligence Community |
| IATC |
Interim Authority to Connect |
| IATO |
Intermin Authority to Operate |
| IATT |
Intermin Authority to Test |
| ISO |
International Organization for Standardization |
| IP |
Internet Protocol |
| IPR |
Internet Protocol Router |
| IPSec |
Internet Protocol Security |
| PPS |
Internet Protocol Suite and Associated Ports |
| JCIDS |
Joint Capabilities Integration and Development System |
| JCCC |
Joint Communications Control Center |
| JDIICS |
Joint DII Control Systems |
| JIWG |
Joint IA Operations Working Group |
| JIE |
Joint Information Environment |
| JIEO |
Joint Interoperability Engineering Organization |
| JID |
Joint Intrusion Detection |
| JPO STC |
Joint Program Office for Special Technical Countermeasures |
| JTF-CNO |
Joint Task Force – Computer Network Operations |
| JWID |
Joint Warrior Interoperability Demonstration |
| JWICS |
Joint Worldwide Intelligence Communications System |
| KMI |
Key Management Infrastructure |
| KS |
Knowledge Service |
| LE |
Law Enforcement |
| LEA |
Law Enforcement Agency |
| LE/CI |
Law Enforcement and Counterintelligence |
| MCDES |
Malicious Code Detection and Eradication System |
| MOA |
Memorandum of Agreement |
| MOU |
Memorandum of Understanding |
| MA |
Mission Area |
| MLS WG |
Multilevel Security Working Group |
| NCSC |
National Computer Security Center |
| NACIC |
National Counterintelligence Center |
| NDU |
National Defense University |
| NISP |
National Industrial Security Program |
| NII |
National Information Infrastructure |
| NITB |
National INFOSEC Technical baseline |
| NIAC |
National Infrastructure Assurance Council |
| NIPC |
National Infrastructure Protection Center |
| NIST |
National Institute of Standards and Technology |
| NSA |
National Security Agency |
| NS/EP |
National Security and Emergency Preparedness |
| NSD |
National Security Directive |
| NSIRC |
National Security Incident Response Center |
| NSOC |
National Security Operations Center |
| NSS |
National Security System |
| NSTAC |
National Security Telecommunication Advisory Committee |
| NSTISSC |
National Security Telecommunications and Information Systems Security Committee |
| NSTISSI |
National Security Telecommunications and Information Systems Security Instruction |
| NCIS |
Naval Criminal Investiative Service |
| NID |
Network Intrusion Detector |
| NOC |
Network Operating Centers |
| NOSC |
Network Operation Security Center |
| NIPRNet |
Non-Classified Internet Protocol Router Network |
| NC |
Non-Compliant |
| NSU |
Non-Standard Usage |
| NA |
Not Applicable |
| ORNL |
Oak Ridge National Laboratory |
| OMB |
Office of Management and Budget |
| OASD(C3I) |
Office of the Assistant Secretary of Defense (Command, Control, Communications, and Intelligence) |
| OIG DoD |
Office of the Inspector General of the Department of Defense |
| OSD |
Office of the Secretary of Defense |
| OSD/JS |
Office of the Secretary of Defense/Joint Staff |
| OUSD(P) |
Office of the Under Secretary of Defense (Policy) |
| OT&E |
Operational Test and Evaluation |
| OPSEC |
Operations Security |
| PIN |
Personal Identification Number |
| PII |
Personally Identifiable Information |
| POA&M |
Plan of Action and Milestones |
| PIT |
Platform Information Technology |
| PPTP |
Point-to-Point Tunneling Protocol |
| PPSM |
Ports, Protocols, and Services Management |
| PCCIP |
President’s Commission on Critical Infrastructure Protection |
| PGP |
Pretty Good Privacy |
| PAO |
Principal Authorizing Official |
| PIA |
Privacy Impact Assessment |
| PM |
Program Manager |
| PM/SM |
Program Manager/System Manager |
| POM |
Program Objective Memorandum |
| PPP |
Program Protection Plan |
| PKI |
Public Key Infrastructure |
| RCERTs |
Regional Computer Emergency Response Teams |
| ROSC |
Regional Operations and Security Center |
| RDT&E |
Research, Development, Test and Evaluation |
| RT&E |
Research, Test, and Evaluation |
| RMF |
Risk Management Framework |
| SAPCO |
SAP Central Office |
| SABI |
Secret and Below Interoperability |
| SABI WG |
Secret and Below Interoperability Working Group |
| SIPRNet |
Secret Internet Protocol Router Network |
| SITR |
Secret Internet Protocol Router Network Information Technology Registry |
| SECDEF |
Secretary of Defense |
| SCRI |
Secure Compliance Remediation Intiative |
| SCCVI |
Secure Configuaration Compliance Validation Initiative |
| SET |
Secure Encrypted Transaction |
| SAR |
Security Assessment Report |
| SCG |
Security Configuration Guide |
| SCAP |
Security Content Automation Protocol |
| SCA |
Security Control Assessor |
| SPB |
Security Policy Board |
| SRG |
Security Requirements Guide |
| STIGs |
Security Technical Implementation Guides |
| SISO |
Senior Information Security Officer |
| SCI |
Sensitive Compartment Information |
| SBU |
Sensitive-But-Unclassified |
| SLA |
Service-Level Agreement |
| SCAO |
SIPRNET Connection Approval Office |
| SEI |
Software Engineering Institute |
| SAP |
Special Access Program |
| SIO |
Special Information Operations |
| SP |
Special Publication |
| SM |
System Manager |
| SSE |
System Security Engineering |
| SATAN |
Systems Administrators’ Tool for Assessing Networks |
| SSAA |
Systems Security Authorization Agreement |
| SNAP |
Systems/Networks Approval Process |
| TAG |
Technical Advisory Group |
| T&E |
Test and Evaluation |
| TRMC |
Test Resource Management Center |
| THREATCON |
Threat Condition |
| TRANSEC |
Transmission Security |
| TPM |
Trusted Platform Module |
| TSN |
Trusted Systems and Networks |
| UCAO |
Unclassified Connection Approval Office |
| USD(AT&L) |
Under Secretary of Defense for Acquisition, Technology, and Logistics |
| USD(I) |
Under Secretary of Defense for Intelligence |
| USD(P&R) |
Under Secretary of Defense for Personnel and Readiness |
| USD(P) |
Under Secretary of Defense for Policy |
| UC |
Unified Capabilities |
| UCDMO |
Unified Cross Domain Management Office |
| UCMJ |
Uniform Code of Military Justice |
| URL |
Uniform Resource Locator (Universal Resource Locator) |
| U.S.C. |
United States Code |
| USSTRATCOM |
United States Strategic Command |
| UR |
User Representative |
| VPN |
Virtual Private Network |
| VAAP |
Vulnerability and Assessment Program |
| VAS |
Vulnerability Assessment System |
| WMA |
Warfighting Mission Area |