BY ORDER OF THE SECRETARY
OF THE AIR FORCE
AIR FORCE INSTRUCTION 17-130
13 FEBRUARY 2020
Cyberspace
CYBERSECURITY
PROGRAM MANAGEMENT
COMPLIANCE WITH THIS PUBLICATION IS MANDATORY
ACCESSIBILITY: Publications and forms are available on the e-Publishing website at
www.e-Publishing.af.mil for downloading or ordering
RELEASABILITY: There are no releasability restrictions on this publication
OPR: SAF/CNZ
Supersedes: AFI33-200, 31 August 2015
Certified by: SAF/CNZ
(Ms. Wanda Jones-Heath, SES)
Pages: 21
This instruction implements Air Force Policy Directive 17-1, Information Dominance Governance
and Management and is consistent with Headquarters Mission Directive 1-26, Chief, Information
Dominance and Chief Information Officer, and Air Force Policy Directive (AFPD) 16-14, Security
Enterprise Governance; these documents should be reviewed to understand the Cybersecurity
Program. The National Institute of Standards and Technology Special Publication (NIST SP) 800-
39 was also used in developing the cybersecurity program. This publication applies to all civilian
employees and uniformed members of the Regular Air and Space Forces, Air and Space National
Guard, Air and Space Force Reserve, as well as to Department of the Air Force contractors when
required by the terms of their contracts. The authorities to waive wing/unit level requirements in
this publication are identified with a Tier (“T-0, T-1, T-2, T-3”) number following the compliance
statement. See Air Force Instruction (AFI) 33-360, Publications and Forms Management, for a
description of the authorities associated with the Tier numbers. Submit requests for waivers
through the chain of command to the appropriate Tier waiver approval authority, or alternately, to
the requestor’s commander for non-tiered compliance items. Refer recommended changes and
questions to the Office of Primary Responsibility on AF Form 847, Recommendation for Change
of Publication. Route AF Forms 847 through the appropriate functional chain of command to the
Office of the Chief Information Security Officer (SAF/CNZ), usaf.pentagon.saf-cn.mbx.cnz-
worflow@mail.mil. Any level may supplement this publication, but must route all direct
supplements to the Office of Primary Responsibility of this publication for coordination prior to
certification and approval. Ensure that all records created as a result of processes prescribed in this
publication are maintained in accordance with Air Force Manual 33-363, Management of Records,
