Department of Defense
INSTRUCTION
NUMBER 3020.45
April 21, 2008
Incorporating Change 1, June 6, 2017
USD(P)
SUBJECT: Defense Critical Infrastructure Program (DCIP) Management
References: (a) DoD Directive 3020.40, “Defense Critical Infrastructure Program (DCIP)
Mission Assurance (MA),” August 19, 2005 November 29, 2016
(b) Homeland Security Presidential Directive 7, “Critical Infrastructure
Identification, Prioritization, and Protection,” December 17, 2003
1
(c) National Infrastructure Protection Plan (NIPP), Department of Homeland
Security, 2006
2
(d) Assistant Secretary of Defense (Homeland Defense) Memorandum, “Defense
Critical Infrastructure Program (DCIP) Interim Implementation Guidance,”
July 13, 2006 (hereby canceled)
(e) through (qp), see Enclosure l
1. PURPOSE
This Instruction:
1.1. Implements and establishes policy in support of the requirements of Reference (a) to
manage the identification, prioritization, and assessment of defense critical infrastructure (DCI)
as a comprehensive program. This program shall include the development of adaptive plans and
procedures to mitigate risk, restore capability in the event of loss or degradation, support incident
management, and protect DCI-related sensitive information.
1.2. Assigns responsibilities governing risk management including the acceptance,
remediation, and/or mitigation of DCI risks.
1.3. Assigns responsibilities and prescribes procedures for the implementation of the DCIP.
1
Copies of this document may be found at http://www.dhs.gov/xabout/laws/editorial_0607.shtm.
2
Copies of this document may be found at http://www.dhs.gov/xprevprot/programs/editorial_0827.shtm.
