IT/Facility Related Control Systems (FRCS) |
The Defense Health Agency (DHA) strategic goals are to support the Military Department’s Surgeon General (SG), enhance the DHA role as a Combat Support Agency, and optimize DHA internal business processes. The DHA provides Enterprise Support Activities (ESA) to meet these strategic goals. The DHA Facilities Division is one such ESA tasked with delivering medical facilities worldwide. As the Department of Defense implements the Risk Management Framework, and the increased dependency on the cyberspace domain in both combat and defense, it is critical that DHA’s Facilities Division develop and implement standards that reinforce security of building controls systems and networked equipment. Doing so will improve standardization/reduce variation project‐by‐project, improve the cybersecurity for new facility construction, optimize investments in cybersecurity to balance security with lifecycle costs, and create flexibility for future modernization.
The following Policy and Procedures applies to Military Construction (MILCON) and Repair projects. These documents are critical to ensuring the infrastructure requirements for projects are within the DHA LAN/WLAN standards as well as technical requirements for server rooms. Please refer any questions regarding the documentation and/or its applicability to the DHA FRCS PMO. Updates shall be published when available.
The following Tools and Templates are provided to assist in planning and implementing cybersecurity requirements for IM/IT/LVS and FRCS Systems. The Tools and Templates are applicable for all Military Construction (MILCON) and Repair projects. Please refer any questions regarding the documentation and/or its applicability to the DHA FRCS PMO.
The following educational materials are provided for use by Military Health System (MHS) Project Officers (POs) worldwide. These educational materials will explain the application of cybersecurity RMF principles to MHS-funded construction and renovation projects to MHS POs – taking into account their diverse background and relative unfamiliarity with RMF, Cybersecurity, and the Authorizations process.
Coming Soon
|