DODI 5000.74 Enclosure 1: References

(a) DoD Directive 5134.01, “Under Secretary of Defense for Acquisition, Technology, and Logistics,” December 9, 2005, as amended

(b) DoD Instruction 5000.02, “Operation of the Defense Acquisition System,” January 7, 2015

(c) DoD Directive 5000.01, “The Defense Acquisition System,” May 12, 2003

(d) Under Secretary of Defense for Acquisition, Technology and Logistics Memorandum, “Taxonomy for the Acquisition of Services and Supplies & Equipment,” August 27, 2012 1

(e) Federal Acquisition Regulation (FAR), current edition

(f) DoD University Affiliated Research Center (UARC) Management Plan, July 2010

(g) Defense Federal Acquisition Regulation Supplement (DFARS), current edition

(h) Title 10, United States Code

(i) Office of Federal Procurement Policy (OFPP) Policy Letter 11-01, “Performance of Inherently Governmental and Critical Functions,” September 12, 2011

(j) DoD Instruction 1100.22, “Policy and Procedures for Determining Workforce Mix,” April 12, 2010

(k) Subtitle III, Section 11101 of Title 40, United States Code

(l) DoD Manual 8910.01, Volume 1, “DoD Information Collections Manual: Procedures for DoD Internal Information Collections,” June 30, 2014

(m) DoD Directive 5124.02, “Under Secretary of Defense for Personnel and Readiness (USD(P&R)),” June 23, 2008

(n) Defense Acquisition University, “Defense Acquisition Guidebook,” current edition2

(o) DoD Directive 1100.4, “Guidance for Manpower Management,” February 12, 2005

(p) DoD Instruction 7041.04, “Estimating and Comparing the Full Costs of Civilian and Active Duty Military Manpower and Contract Support,” July 3, 2013

(q) National Institute of Standards and Technology Special Publication 800-145, “The NIST Definition of Cloud Computing,” September 2011

(r) Office of Management and Budget Circular A-11, “Preparation, Submission, and Execution of the Budget,” July 25, 2014

(s) Department of Defense Information Enterprise Architecture (DoD IEA), Version 2.0, August 10, 2012

(t) DoD Directive 8000.01, “Management of the Department of Defense Information Enterprise,” February 10, 2009

(u) DoD Instruction 8330.01, “Interoperability of Information Technology (IT), Including National Security Systems (NSS),” May 21, 2014

(v) DoD Instruction 8115.02, “Information Technology Portfolio Management Implementation,” October 30, 2006

(w) DoD Instruction 8510.01, “Risk Management Framework (RMF) for DoD Information Technology (IT),” March 12, 2014

(x) DoD Instruction 8500.01, “Cybersecurity,” March 14, 2014

(y) Committee on National Security Systems Instruction No. 1253, “Security Categorization and Control Selection for National Security Systems,” March 27, 2014

(z) DoD Instruction 5200.44, “Protection of Mission Critical Functions to Achieve Trusted Systems and Networks,” November 5, 2012

(aa) Section 552a of Title 5, United States Code

(ab) DoD Directive 5400.11, “DoD Privacy Program,” October 29, 2014

(ac) DoD 5400.11-R, “Department of Defense Privacy Program,” May 14, 2007

(ad) DoD Instruction 5400.16, “DoD Privacy Impact Assessment (PIA) Guidance,” July 14, 2015

(ae) Title 44, United States Code

(af) Office of Management and Budget Memo M-13-09, “Fiscal Year 2013 PortfolioStat Guidance: Strengthening Federal IT Portfolio Management,” March 27, 2013

(ag) White House Memorandum for the Heads of Executive Departments and Agencies “Security Authorization of Information Systems in Cloud Computing Environments,” December 8, 20113

(ah) Chairman of the Joint Chiefs of Staff Instruction 6211.02D,”Defense Information Systems Network (DISN) Responsibilities,” January 24, 2012

(ai) Section 794d of Title 29, United States Code

(aj) DoD 8400.01-M, “Procedures for Ensuring the Accessibility of Electronic and Information Technology (E&IT) Procured by DoD Organizations,” June 3, 2011

(ak) DoD Chief Information Officer Guidance and Policy Memorandum 12-8430, “Acquiring Commercially Available Software,” July 26, 2000

(al) Department of Defense Information Technology Enterprise Strategy and Roadmap of September 20114

(am) Office of Management and Budget Memorandum M-03-14, “Reducing Cost and Improving Quality in Federal Purchases of Commercial Software,” June 2, 2003

(an) Office of Management and Budget Memorandum M-04-08, “Maximizing Use of SmartBuy and Avoiding Duplication of Agency Activities with the President’s 24 E-Gov Initiatives,” February 25, 2004

(ao) Office of Management and Budget Memorandum M-04-16, “Software Acquisition,” July 1, 2004

(ap) Office of Management and Budget Memorandum M-05-25, “SmartBUY Agreement with Oracle,” August 25, 2005