CCI-000602

Develop and document an organization-level; mission/business process-level; and/or system-level system and services acquisition policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.

Implementation Guidance

DoDD 5000.01, DoDI 5000.02, and DoDI 8580.1 meet the DoD requirements for system and services acquisition policy and procedures. DoD Components are automatically compliant with this CCI because they are covered by the DoD level policies, DoDD 5000.01, DoDI 5000.02, and DoDI 8580.1.

Validation Procedures

DoDD 5000.01, DoDI 5000.02, and DoDI 8580.1 meet the DoD requirements for system and services acquisition policy and procedures. DoD Components are automatically compliant with this CCI because they are covered by the DoD level policies, DoDD 5000.01, DoDI 5000.02, and DoDI 8580.1.

Compelling Evidence

Automatically compliant per DoDD 5000.01, DoDI 5000.02, and DoDI 8580.1.

The controls below (if any) were marked by NIST as being related to CCI-000602.