Pentagon CIO issues IT standards revamp

The 38-page policy includes multiple revisions, removals and additions, in a side-by-side comparison to the previous iteration.
John Sherman
John Sherman participates in a virtual panel with Billington Cybersecurity at the Pentagon, April 15, 2021. (DoD photo / Chad J. McNeeley)

The Defense Department recently refreshed and reissued its enterprisewide standards that govern civilian and military use of information technology capabilities that fall under its purview.

Marking the first update of this sprawling policy instruction since 2017, Chief Information Officer John Sherman approved the changes ahead of the new document’s public release earlier this month. These standards apply to all national security systems and defense business systems.

“The reissuance provides additional clarity and increases emphasis on the value of IT standards to deliver DOD IT solutions that are interoperable, reusable, portable, secure, and innovative,” Navy Cmdr. Jessica McNulty, a spokesperson for the DOD’s CIO, told DefenseScoop on Friday.

McNulty further noted that “this was a routine update to a policy issuance” to ensure that the rules would all align with Section 142, Title 10 of the U.S. Code, which is essentially the overarching law that governs DOD’s CIO functions. This revamp also broadly “reassigns responsibilities based on the reorganization of the former Under Secretary of Defense (USD) for Acquisition, Technology and Logistics into the USD for Research and Engineering (USD(R&E)) and USD for Acquisition and Sustainment,” McNulty confirmed.


At 38 pages, this new version of IT standards is roughly 10 pages longer than the 2017 document. It includes multiple revisions, removals and additions, per a side-by-side comparison to the previous iteration. 

For instance, while the 2017 instruction does not blatantly reference the governance of biometric capabilities — or those that use body measurements or calculations of humans’ physical characteristics to confirm their identities — the new version has several sections regarding the technologies. The 2023 standards designate the secretary of the Army as DOD’s “Executive Agent for Biometrics” to reflect modern laws and delegate various actions associated with the department’s ongoing efforts to drive forensic and biometric IT standards development.

McNulty could not provide more information on those inclusions by publication on Friday.

Less than a week after the Pentagon released these new IT standards via an official memorandum, DOD’s CIO also approved and released the office’s new Software Modernization Implementation Plan to go along with its recently-shared strategy.

“There is no direct and intended relationship between release of these two documents. It is mere coincidence that they were published within days of each other,” McNulty told DefenseScoop.  

Latest Podcasts