System Security Protection provides for the safeguard of all DoD information systems.

These systems will be assigned a mission category by the DoD functional domain owner or component head.

DoD information systems will employ protection mechanisms that satisfy criteria of robustness based on the level of concern for the information to be protected.

Basic security protection mechanisms are equivalent to common security practices while medium and high mechanisms require additional security measures.

Levels of concern are assigned based on the security classification of the information being processed by the information system.