- Primary Directive on CIS Security
The Primary Directive on CIS Security is published to support the implementation of the NIMP, Enclosure ‘F ‘ of the Policy on Security within the North Atlantic Treaty Organisation and the NATO Policy on Cyber Defence. The policy sets out the CIS Security activities in the life-cycle of CIS which are essential to identify an appropriate level of protection for CIS handling NATO information, cope with the evolving threat environment and enable organisations to fulfil their mission by aligning security with their business objectives. Also, it identifies NATO committees, NATO civil and military bodies, and National bodies with a responsibility on CIS Security. This Primary Directive is mandatory and binding upon CIS handling NATO classified information. It is supported by management and technical and implementation directives and guidance on CIS Security. In this directive, where it states “for NATO CIS, it is only mandatory and binding upon CIS in NATO civil and military bodies and NATO CIS extended into national or multi-national bodies. As this Directive supports collectively the NATO Information Management Policy, the NATO Policy on Cyber Defence and the Policy on Security within the North Atlantic Treaty Organisation, it defines also CIS Security requirements for NATO Civil and Military Bodies to protect NATO CIS handling non-classified information.