UNCLASSIFIED

UNCLASSIFIED

United States Cyber Command

Instruction (USCCI)

OPR: J8 USCCI 8100-02

DISTRIBUTION: A

Cyber Capabilities Integration and Development System

1. Purpose. This Instruction outlines how United States Cyber Command (USCYBERCOM) will

prioritize and validate joint Cyberspace Operations (CO) capability requirements within

USCYBERCOM and across the Department of Defense (DOD) cyberspace domain, in accordance with

(IAW) its Unified Command Plan (UCP) cyberspace mission responsibilities, and provisions of Title 10

United States Code (USC)§167b.

2. Supersedes/Cancellation. This is the first issuance.

3. Applicability. This Instruction applies to USCYBERCOM, Subordinate Command elements (Cyber

National Mission Force, Joint Force Headquarters Cyber, Joint Force Headquarters-DOD Information

Network(JFHQ-DODIN)), Services, Component Commands, Combatant Commands (CCMDs) and

DOD Agencies or organizations that engage in CO capability development.

4. Responsibilities. Responsibilities are outlined throughout Enclosure 2.

5. Procedures. Procedures are outlined in the Enclosures.

6. Releasability. Cleared for Public Release. This Instruction is approved for public release; distribution

is unlimited. DOD Components, other Federal agencies, and the public may obtain copies of this

instruction.

7. Effective Date. This instruction is effective immediately upon receipt.

ROSS A. MYERS

Rear Admiral, U.S. Navy

Chief of Staff

Enclosures:

Enclosure 1 - Cyber Capabilities Integration and Development System Process Overview

Enclosure 2 - Cyber Capabilities Integration and Development System Deliberate Process – Boards and

Working Groups

Attachment 1 - Glossary of References and Supporting Information

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

2

ENCLOSURE 1

1. CCIDS Process Overview.

1.1. Purpose.

1.1.1. The primary objective of the Cyber Capabilities Integration and Development System

(CCIDS) process is to manage, prioritize, endorse, and/or validate joint CO capability requirements

and ensure interoperability of CO equipment and forces as authorized in 10 USC§167b and as

implemented IAW the Joint Requirements Oversight Council Memorandum National Defense

Authorization Act for Fiscal Year 2017 Section 923 Delegation of Authority for Cyberspace

Capabilities to United States Cyber Command, (JROCM 038-18). Due to the rapidly changing and

complex cyberspace environment, this process consolidates subject matter experts at the operational

level to be more responsive to CO requirements validation, integration and development.

1.1.2. The CCIDS process ensures CO capability requirements directly support operational plans

and strategies to include, but not limited to, National Security Strategy, National Defense Strategy,

National and DOD Cyber Strategies, National Military Strategy, Joint Strategic Campaign Plans,

Joint Staff Global Campaign Plans, Combatant Command Operational Plans, cyberspace operating

concepts, core activity assessments, and capability and programming guidance. CCIDS informs other

processes and assessments to include the DOD Planning Programming Budgeting and Execution and

Defense Acquisition System to deliver quality operational capability solutions to the warfighter in a

timely and cost effective manner.

1.1.3. This Instruction establishes the Cyber Requirements Evaluation Board (CREB) as the

USCYBERCOM equivalent of a Joint Staff (JS) Joint Capabilities Board (JCB) to implement its

authorities as described in Chairman [of the] Joint Chiefs of Staff Instruction (CJCSI) 5123.01 Series,

Charter of the Joint Requirements Oversight Council (JROC) and Joint Capabilities Integration and

Development System (JCIDS) Implementation. The CREB reviews, validates, and prioritizes

requirement documents for CO capability requirements.

1.1.4. This Instruction also establishes the Cyber Capabilities Board (CCB) as the requirements

board equivalent to a JS Functional Capabilities Board (FCB), directly supporting the CREB in the

validation of CO capability requirements. Validated requirements address warfighter capability gaps

utilizing materiel, non-materiel or a combination of both capability solutions.

1.2. Policy.

1.2.1. The Commander (CDR) executes UCP cyberspace mission responsibilities, and under the

provisions of 10 USC§167b, subject to the authority, direction, and control of the Principal Cyber

Advisor (PCA), validates and prioritizes joint CO capability requirements and ensures

interoperability of CO equipment and forces. The CDR delegated this authority to the Deputy

Commander (DCDR).

1.2.2. IAW with JROCM 038-18, joint CO capability requirements, regardless of Sponsor, are

submitted to the JS Gatekeeper, who coordinates with the USCYBERCOM Gatekeeper to determine

the appropriate Joint Staffing Designator (JSD) and document staffing route (i.e., CCIDS or JCIDS).

CCIDS is the deliberate staffing process used for the review and validation of CO capability

requirements, including associated capability gaps, and proposed materiel and/or non-materiel

capability solutions. CCIDS supports cyberspace capability requirements for DODIN operations,

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

3

defensive cyberspace operations (DCO), and offensive cyberspace operations (OCO) as defined

below.

1.2.2.1. Per Joint Publication (JP) 3-12, Cyberspace Operations, CO is the employment of

cyberspace capabilities where the primary purpose is to achieve objectives in or through

cyberspace. All actions in cyberspace that are not cyberspace-enabled activities are taken as part

of one of three cyberspace missions: DCO, OCO, or DODIN operations. Ordinary business

operations in and through cyberspace are “cyberspace-enabled activities” that comprise those

non-intelligence and non-warfighting capabilities, functions, and actions used to support and

sustain DOD forces and components.

1.2.3. CO capability requirements with a JSD of JCB Interest or Joint Information and assigned

to USCYBERCOM follow the CCIDS process, and are staffed through the Joint Staff Knowledge

Management/Decision Support (KM/DS) system on the SECRET Internet Protocol Network

(SIPRNET) (or the Top Secret/Sensitive Compartmented Information (TS/SCI) extension on the Joint

Worldwide Intelligence Communications System (JWICS)). Upload completed CO capability

requirement documents and associated decision memoranda to KM/DS for recordkeeping and

archive.

1.2.4. The USCYBERCOM Gatekeeper acts as the single collection point for internal

USCYBERCOM capability requirements and CO capability requirements assigned to

USCYBERCOM for document staffing.

1.2.5. The JS Gatekeeper may consider assigning a JSD of JROC Interest to initial and successor

documents authored by USCYBERCOM, when validation is expected to assign responsibility to a

Service. Staff CO capability requirement documents assigned a JSD of JROC Interest IAW the

JCIDS process.

1.2.6. All mandatory JCIDS certifications and endorsements for document packages assigned a

JSD of JROC Interest or JCB Interest are performed by the existing JS organizations assigned that

responsibility in CJCSI 5123.01 and the JCIDS Manual, Manual for the Operation of the Joint

Capabilities Integration and Development System (JCIDS). The document Sponsor is responsible for

the certifications and endorsements for Joint Information document packages.

1.2.7. Requirement Validation Boards.

1.2.7.1. The Cyber Requirements Evaluation Board (CREB) is the USCYBERCOM

equivalent of, and executes with the same authority as, a JS JCB when executing its authorities to

validate and prioritize CO capability requirements. The CREB supports the CDR’s

responsibilities to prioritize CO capability requirements and to ensure interoperability of the

cyberspace mission, and ensures that ongoing and future capability development efforts build the

capacity necessary to meet Commander’s Intent and align to operational plans and strategy. The

DCDR serves as the CREB Chair. The CREB reviews, validates, and prioritizes CO capability

requirements submitted from the subordinate USCYBERCOM led CCB.

1.2.7.2. The Cyber Capabilities Board (CCB) is the USCYBERCOM equivalent of, and

performs the same function as, a JS FCB when executing its responsibilities to review and

endorse CO capability requirements. The CCB operates one level below the CREB and advises

the CREB on CO capability requirements, and performs other activities at the direction of the

CREB Chair. The CCB reviews and provides recommendation to the CREB for higher-level

validation. Additionally, the CCB maintains awareness of progress toward satisfying validated

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

4

CO capability requirements and ensures requirement document changes and updates are

submitted in a timely manner. The Director of Capability and Resources Integration (J8) serves

as the CCB Chair.

1.2.7.3. The Cyber Capabilities Working Group (CCWG) operates one level below the

CCB and advises the CCB on CO capability requirements, and performs other activities at the

direction of the CCB Chair. The CCWG supports the initial review and assessment of CO

capability requirement documents and adjudicates any issues prior to review by the CCB. The

Chief, Cyber Requirements and Portfolio Management Division, J81, serves as the CCWG

Chair.

Note: See Enclosure 2 for the roles, responsibilities and functional detail of the CREB,

CCB, and CCWG.

1.3. Process Overview.

1.3.1. The CCIDS process starts with a Service, CCMD, Component Command, or Defense

Agency (Requirement/Document Sponsor) submission of a CO capability requirement document

package (herein document package) into the Joint Staff KM/DS system for endorsement and/or

validation (IAW JCIDS guidance). The USCYBERCOM Gatekeeper supports the JS Gatekeeper

initial document review and JSD assignment. The USCYBERCOM Gatekeeper is the point of entry

to coordinate CO capability requirements assigned for staffing through the CCIDS process. The

USCYBERCOM Gatekeeper supports and facilitates the entire document review and staffing process,

ensuring stakeholder visibility and transparency of CO capability requirements, documents and

issues. Once a requirement is validated through the CCIDS process, the USCYBERCOM Gatekeeper

provides the final version of the document package and associated validation memorandum to the JS

Gatekeeper, via KM/DS, to facilitate transparency across the Joint community.

Note: CO needs in support of existing or soon to be named operations, whose lack of a solution

would result in critical mission failure or loss of life, will be handled by the existing Joint Urgent

Operational Needs (JUON)/Joint Emerging Operational Needs (JEON) process of the JS.

1.4. Process Detail.

1.4.1. Requirement Initiation and CCIDS Process Entry.

1.4.1.1. CO capability requirement identification begins prior to entering the CCIDS

process outlined in Figure 1 below. The requirement Sponsor (USCYBERCOM, Service

Components, Cyber Mission Force Teams, Services, CCMDs, other DOD Components and

Agencies) conducts various types of assessments, to include if necessary, Capabilities-Based

Assessments or other studies to assess needs/requirements, associated capability gaps and risks.

Lessons learned, as identified as part of the Joint Lessons Learned Program, may also serve to

identify requirements and associated capability gaps. In the case of urgent or emergent

operational needs, the scope of the assessment may be reduced to process the requirements in a

timely manner.

1.4.1.2. CO capability requirements must be traceable to an organization’s roles,

responsibilities and missions, Service and Joint concepts, and described in terms of tasks,

standards, and conditions. Associated capability gaps must be assessed relative to capabilities

fielded or in development across the Joint Force, and not just those organic to an organization.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

5

Figure 0. CCIDS Process Overview

1.4.1.3. Sponsors submit document packages into KM/DS. For document packages

developed by USCYBERCOM or submitted to USCYBERCOM, the USCYBERCOM

Gatekeeper coordinates transfer of the document package into KM/DS to initiate document

review and JSD assignment.

1.4.2. Gatekeeper Review.

1.4.2.1. The document review and staffing process ensures stakeholders have visibility

into proposed new CO capability requirements or changes to previously validated CO capability

requirements, and can track the status of requirements through the validation process. This

visibility enables Sponsors to benefit from stakeholder inputs as they refine their CO capability

requirements, ensuring that new or modified CO capability requirements are compatible with,

and collectively provide the best value to, the Joint Cyber Force.

1.4.2.2. The JS and USCYBERCOM Gatekeepers review the document package for

compliance with JCIDS formats and inclusion of applicable supporting content. The JS or

USCYBERCOM Gatekeeper may coordinate with the Sponsor for corrections or required

information prior to staffing. The Gatekeeper may update documents with easily corrected

discrepancies or allow the document to enter staffing as written, if the discrepancy is a minor

formatting error.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

6

1.4.2.3. The USCYBERCOM Gatekeeper coordinates with the JS Gatekeeper to obtain a

JSD of JCB Interest or Joint Information and assignment of the document package to

USCYBERCOM.

1.4.3. CCIDS Staffing Process.

1.4.3.1. The CCIDS process encompasses CO capability requirements that are: a) not

fulfilled within the scope of the current year funds execution; b) naturally aligned to existing

programs of record, which do not have requirement(s) documented in existing approved JCIDS

documents; or c) will naturally flow into traditional JCIDS defined capability development.

Close collaboration between requirements and acquisition communities is key to leveraging

knowledge gained early in the process to enable the development of achievable, risk informed,

capability requirements as well as effective decision making about effective cost, performance,

schedule, and quantity trade-offs.

1.4.3.2. Identification of significant capability gaps typically leads to the development of a

JCIDS defined document (i.e., Initial Capabilities Document (ICD); Information System ICD

(IS-ICD); Capability Development Document; and/or Doctrine, Organization, Training, materiel,

Leadership and Education, Personnel, Facilities, and Policy ((DOTmLPF-P) Change Request

(DCR)) that can then drive development of capability solutions that are materiel, non-materiel, or

a combination of both. When assigned to USCYBERCOM, these traditional JCIDS defined

document packages will be staffed through the CCIDS process following the construct and

staffing timelines outlined in JCIDS to include staffing, review and validation, enabling tradeoffs

and prioritization within or between capability requirement portfolios.

1.4.3.3. For document packages assigned to USCYBERCOM, the USCYBERCOM

Gatekeeper coordinates with the CCWG Chair to assign the document package to a

USCYBERCOM Action Officer (AO) who coordinates review and formal staffing with the

CCWG members and Subject Matter Experts (SMEs) as required. Document staffing will be

coordinated via KM/DS, and the USCYBERCOM Workflow Management System (WMS),

when Command SME engagement is required. The AO provides the Sponsor with CCWG

comments for adjudication and document revision as appropriate. The AO verifies comment

adjudication, ensure all required certifications and endorsements for document packages have

been provided or are on track, and prepare the CCWG brief.

1.4.3.4. The CCWG reviews revised documents and Sponsor’s adjudication of comments.

The CCWG is the forum for identifying and discussing divergent stakeholder views. While

consensus is not required to recommend a requirement proceed forward to the next level of

review, all dissenting views will be captured and briefed to inform the CCB. The CCWG assists

the Chair in reaching a recommendation for the CCB.

1.4.3.5. The CCB evaluates, endorses, prioritizes, and validates (subject to CREB

delegation) CO capability requirements. The CCB considers the CCWG recommendations as

well as any unresolved dissenting stakeholder views or issues. The CCWG AO introduces the

CO capability requirement and the Sponsor SME presents the requirement to the CCB.

1.4.3.6. Document packages that require further review and validation are forwarded to the

CREB. The CCB Chair briefs the CREB with any related comments for discussion, along with a

recommendation for validation. The Sponsor or delegated SME may be present to answer

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

7

questions of a technical nature but do not brief assessments, issues, or recommendations on

behalf of the CCB Chair.

1.4.3.7. The CREB reviews and validates CO capability requirements, and provides

assessment of reviews /adjustments on decisions from the CCB. The CREB supports the CDR’s

responsibilities to prioritize capability requirements and ensure the interoperability of the CO

force. Note: The Sponsor is responsible for addressing interoperability IAW JCIDS guidance.

1.4.3.8. The CREB Chair participates in JCB and JROC reviews when CO capability

requirements are assigned a JSD of JROC Interest. The Vice Chairman of the Joint Chiefs of

Staff serves as the JROC Chair.

1.4.3.9. Output. After document package review and validation, a USCYBERCOM

requirement validation memorandum is prepared for the CREB Chair (CCB Chair if authority

delegated by the CREB Chair) documenting the final validation decision to include any follow-

on actions and recommendations. The USCYBERCOM Gatekeeper retains the final version of

the CO capability requirement documentation, briefings and associated validation

memorandums. The USCYBERCOM Gatekeeper uploads a copy of the final document package

(including associated supporting content and validation memorandum) to KM/DS for records

management and facilitate transparency across the Joint community.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

8

ENCLOSURE 2

2. Boards and Working Groups.

2.1. Cyber Requirements Evaluation Board (CREB).

2.1.1. Role. The CREB is the USCYBERCOM equivalent of, and performs the same authority

as, a JCB, IAW independent validation authorities identified in CJCSI 5123.01 Series.

2.1.1.1. The CREB is the validation authority for CO capability requirement documents

(document packages) assigned to USCYBERCOM with a JSD of JCB Interest or Joint

Information; and reviews and endorses document packages and adjudication of lower level issues

prior to validation.

2.1.1.2. The CREB advises the CDR and serves as the CCIDS process owner and

regulatory council to the validation authority for CO capability requirements. The CREB is

responsible for managing and approving CO capability requirements and provides validation

that:

2.1.1.2.1. Requirements and proposed capability time lines for CO capability

solutions meet the needs of the cyber force.

2.1.1.2.2. Requirements address the priorities of the joint force and do not

represent unnecessary redundancy in capabilities.

2.1.1.2.3. Capability solutions have had appropriate consideration of tradeoffs

between life cycle costs, schedule, risk, and performance and production quantities.

2.1.1.2.4. Estimated total cost of resources required to satisfy the CO capability

requirement are consistent with the priority of the capability requirement.

2.1.1.2.5. Requiring organizations have adequately addressed DOTmLPF-P issues

that could affect the requirement.

2.1.2. Chair. The DCDR serves as the CREB Chair and validation authority for CO capability

requirements. CREB Chair duties include, but are not limited to the following:

2.1.2.1. Validates document packages assigned to USCYBERCOM with a JSD of JCB

Interest or Joint Information.

2.1.2.2. Attends or designates a representative to JROC meetings with topics related to CO

capability requirements.

2.1.2.3. Coordinates oversight of the CCIDS process.

2.1.2.4. Nominates CO capability requirements and other issues requiring JCB or JROC

review.

2.1.3. Secretary. The Director, J8 serves as the CREB Secretary. Duties include, but are not

limited to the following:

2.1.3.1. Serves as principal advisor to the CREB on requirements, resources, and strategic

assessment issues.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

9

2.1.3.2. Supports the CREB Chair in executing CREB responsibilities, including liaison

with the CDR, USCYBERCOM directorates, JS J-8, the Services, DOD agencies, Service

Components.

2.1.3.3. Approves topics for CREB consideration and advises on issues requiring CREB

review.

2.1.3.4. Directs analysis of unresolved issues identified by CCB members for presentation

and adjudication by the CREB Chair.

2.1.3.5. Conducts CREB pre-briefs to ensure topics presented facilitate robust discussion

and CREB decision making.

2.1.3.6. Provides necessary continuity and point of contact to the JS for CREB matters.

2.1.3.7. Elevates, as required, CO capability requirements eligible for or requiring JCB or

JROC review.

2.1.4. Members.

2.1.4.1. The CREB is comprised of general or flag officers, or government civilian

equivalents, from the Services, selected Office of the Secretary of Defense (OSD) directorates,

the JS, and selected DOD Agencies (see Table 1).

2.1.4.2. CREB members are designated by their respective organization. These

individuals should be representatives with significant decision-making authorities over

requirements and can speak on behalf of their respective organization with respect to resources

associated with CO capability requirements validated at the JCB level.

2.1.4.3. CREB membership is by position and may be delegated to individuals authorized

by the CREB member to speak on their behalf.

2.1.4.4. CREB Members participate in all CREB activities.

2.1.4.5. In addition to requests by the CREB Chair, CCMD representatives are highly

encouraged to participate in the CREB when matters related to the area of responsibility or

function of that command will be under consideration by the CREB. Commanders of the

respective CCMDs designate their representative to the CREB.

2.1.5. Members Responsibilities.

2.1.5.1. Advise and assist the CREB Chair on issues within assigned area of

responsibilities and expertise for each document package submitted for CREB review.

2.1.5.2. Review recommendations, endorsements and comment or issue adjudication from

the CCB to assist the CREB Chair in reaching a decision or recommendation.

2.1.5.3. Nominate topics for consideration and advises on issues requiring JCB or JROC

review.

2.1.5.4. Establish priorities for CO capability requirements. Ensure interoperability of

equipment.

2.1.5.5. Perform other duties as assigned to support CREB Chair.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

10

Board Members Board Advisors

USCYBERCOM DCDR, Chair USCYBERCOM

Air Force OSD/Policy

Army OSD/Intelligence

Navy OSD/Acquisition & Sustainment (A&S)

Marine Corp OSD/Research & Engineering (R&E)

Coast Guard OSD/Comptroller

DIA OSD/Cost Assessment and Program Evaluation

(CAPE)

DISA DOD/CIO

NSA CCMD Representatives

PCA AFCYBER

Joint Staff ARCYBER

FLTCYBER

MARFORCYBER

CGCYBER

National Guard Bureau

Table 1. CREB Members and Advisors

2.1.6. Advisors. CREB Advisors (see Table 1) contribute expertise on issues that address

present or future joint warfighting capabilities. Expertise from outside the CREB membership is

essential to robustly review and validate capability requirements. Organizations are encouraged to

provide their advice to the CREB through delegates from their respective organizations.

2.1.7. Secretariat. The Cyber Requirements Process Management Branch, J812, serves as the

CREB Secretariat, and performs CREB administrative duties as directed by the CREB Secretary.

Duties include, but are not limited to the following:

2.1.7.1. Develops the agenda and calls the CREB meetings, organizes CREB work,

provides protocol support, and ensures prompt prosecution of CREB business.

2.1.7.2. Updates the Joint Staff KM/DS system with CREB schedules and presentations.

2.1.7.3. Releases CREB agenda and read-ahead materials not less than 72 hours prior to

the scheduled meeting.

2.1.7.4. Coordinates the actions of the CREB members in their support to the CREB

Chair.

2.1.7.5. Schedules briefings by Services, CCMDs, and other DOD components on issues

that may require CREB resolution or recommendation.

2.1.7.6. Appoints a CREB recorder to document and maintain CREB minutes for

historical records.

2.1.7.7. Posts CREB meeting minutes and actions no later than five (5) business days after

scheduled CREB meeting.

2.1.7.8. Documents decisions and recommendations through CREB memorandums.

2.1.7.9. Develops and establishes CREB administrative procedures.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

11

2.1.8. Battle Rhythm. Scheduled not less than monthly, or more frequently as needed to

accomplish objectives.

2.1.9. Information Availability and Releasability.

2.1.9.1. The CREB Secretary is the approval authority for release of all official

information and documents associated with CREB recommendations and decisions to the JS J8

in response to Congressional defense committees, as needed, or in response to a Government

Accountability Office (GAO) or DOD Inspector General inquiry.

2.1.9.2. Sponsors shall not release a CO capability requirement document or any other

product resulting from execution of the USCYBERCOM CCIDS process in support of GAO

inquiry or in response to a request from a Congressional committee. Sponsors should forward all

GAO, DOD IG, or Congressional committee requests for information to the USCYBERCOM J8

who will coordinate with USCYBERCOM Legislative Affairs when required.

2.1.9.3. The CREB Secretariat maintains all minutes, presentations and memoranda

associated with CREB activities. CREB minutes will be accessible via KM/DS and the

USCYBERCOM CCIDS web portal (website urls referenced in Attachment 1).

2.1.9.4. Validated CREB document packages classified at the level of SECRET or below

are available through KM/DS on SIPRNET. Contact the JS Gatekeeper for access to validated

CREB document packages classified above SECRET or protected by Special Access

Program/Special Access Required (SAP/SAR).

2.2. Cyber Capabilities Board (CCB).

2.2.1. Role. The CCB is the USCYBERCOM equivalent of, and having the same authority as, a

FCB IAW independent validation authorities identified in the CJCSI 5123.01 Series.

2.2.1.1. The CCB operates one level below the CREB and advises the CREB on issues

within and across the CO capability requirement portfolio. The CCB reviews and endorses

document packages assigned to USCYBERCOM with a JSD of JCB Interest or Joint Information

prior to review by the CREB, reviews and validates document packages with a JSD of Joint

Information, and reviews and assesses document packages and adjudication of issues from the

CCWG.

2.2.1.2. The CCB evaluates and prioritizes CO capability requirements based on existing

and anticipated CO capability gaps. The CCB, and other stakeholders, maintain awareness of

progress toward satisfying validated CO capability requirements and assess potential changes to

programs or timelines for their impact to the CO capability portfolio.

2.2.1.3. The CCB is the forum for identifying and discussing divergent stakeholder views.

IAW JCIDS, adjudicate comments pertaining to documents with a JSD of JCB Interest assigned

to CCIDS to the satisfaction of the CCB Chair (on behalf of the validation authority- CREB).

Note: Complete comment adjudication related to joint certifications and endorsements to

the satisfaction of the certifying or endorsing organization. Additionally, at any time the JROC

can elevate the adjudication of a comment that pertains to a performance requirement if the

Chairman of the Joint Chiefs of Staff determines it should be reviewed IAW 10 USC§181(b)(5).

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

12

2.2.2. Chair. The Director, J8 serves as the CCB Chair. CCB Chair duties include, but are not

limited to the following:

2.2.2.1. Supports the CREB in executing CREB responsibilities, including liaison with the

Services, CCMDs, and other DOD Components.

2.2.2.2. Speaks for the CCB and provides CCB recommendations and portfolio

assessments to the CREB, and other departmental forums.

2.2.2.3. Conducts CREB pre-briefs to ensure topic presented facilitate robust discussion

and CREB decision making.

2.2.2.4. Participates in FCB General Officer/Flag Officer Integration Group meetings.

2.2.2.5. Participates in FCB meetings with CO capability requirement topics on the agenda

to ensure USCYBERCOM and CCIDS equities are expressed.

2.2.2.6. Maintains awareness of SAP/SAR protected efforts that affect the CO capability

requirements portfolio.

2.2.2.7. Determines CCWG composition.

2.2.2.8. Determines additional CCB membership when/if necessary, and ensures

appropriate SMEs from JS and stakeholder organizations have reviewed and provided input on

topics prior to review by the CCB.

2.2.2.9. Recommends alternative requirements to provide best value to the CO capability

portfolio.

2.2.3. Secretary. The Chief, J81 serves as the CCB Secretary. Duties include, but are not

limited to the following:

2.2.3.1. Serves as principal advisor to CCB on requirements, resources, and strategic

assessment issues.

2.2.3.2. Supports the CCB Chair in executing CCB responsibilities, including liaison with

the DCDR, JS J-8, the Services, DOD agencies, Service Components.

2.2.3.3. Approves topics for CCB consideration and advises on issues requiring CCB

review.

2.2.3.4. Directs analysis of unresolved issues identified by CCWG members for

presentation and adjudication by the CCB Chair.

2.2.3.5. Conducts CCB pre-briefs to ensure topic presented facilitates robust discussion

and CCB decision making.

2.2.3.6. Elevates, as required, CO capability requirement documents eligible for or

requiring CREB review.

2.2.4. Members.

2.2.4.1. The CCB is comprised of representatives in the grade of O-6, or government

civilian equivalent, from the Services, selected OSD directorates, the JS, and selected DOD

Agencies (see Table 2).

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

13

2.2.4.2. CCB members are designated by their respective organization. These individuals

should be representatives with significant decision-making authorities over requirements and can

speak on behalf of their respective organization with respect to resources associated with CO

capability requirement validated at the FCB level.

2.2.4.3. CCB membership is by position and may be delegated to individuals authorized

by the CCB member to speak on their behalf.

2.2.4.4. CCB Members participate in all CCB activities.

2.2.4.5. In addition to requests by the CCB Chair, CCMD representatives are highly

encouraged to participate in the CCB when matters related to the area of responsibility or

function of that command will be under consideration by the CCB. Commanders of the

respective command designate their CCMD representative to the CCB.

2.2.5. Members Responsibilities.

2.2.5.1. Advise and assist the CCB Chair on issues within assigned area of responsibilities

and expertise for each CO capability requirement document submitted for CCB review.

2.2.5.2. Assist the CCB Chair in reaching a recommendation for the CREB.

2.2.5.3. Advise and assist Sponsors during review, validation, and if necessary revision of

document packages within assigned area of responsibilities and expertise.

2.2.5.4. Review and assesse document packages and adjudication of lower level issues.

2.2.5.5. Support and assign appropriate subject matter expertise to assist with CCB

reviews.

2.2.5.6. Perform other duties as assigned to support CCB Chair and CCIDS

execution/implementation.

2.2.6. Advisors. CCB Advisors (see Table 2) contribute expertise on issues that address present

or future joint warfighting capabilities. Expertise from outside the CREB membership is essential to

robustly review and validate capability requirements. Organizations are encouraged to provide their

advice to the CREB through delegates from their respective organizations.

2.2.7. Secretariat. The J812 serves as the CCB Secretariat, and performs CCB administrative

duties as directed by the CCB Secretary. Duties include, but are not limited to the following:

2.2.7.1. Develops the agenda and calls the CCB meetings, organizes CCB work, and

ensures prompt prosecution of CCB business.

2.2.7.2. Updates KM/DS with CCB schedules and presentations.

2.2.7.3. Releases CCB agenda and read-ahead materials not less than 72 hours prior to the

scheduled meeting.

2.2.7.4. Coordinates the actions of the CCB members in their support to the CCB Chair.

2.2.7.5. Schedules briefings by Services, CCMDs, and other DOD components on issues

that may require CREB resolution or recommendation.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

14

Board Members Board Advisors

USCYBERCOM Dir J8, Chair USCYBERCOM

Air Force OSD/Policy

Army OSD/Intelligence

Navy OSD/A&S

Marine Corp OSD/R&E

Coast Guard OSD/Comptroller

DIA OSD/Cost Assessment and Program Evaluation

(CAPE)

DISA DOD/CIO

NSA CCMD Representatives

PCA AFCYBER

Joint Staff ARCYBER

FLTCYBER

MARFORCYBER

CGCYBER

National Guard Bureau

Table 2. CCB Members and Advisors

2.2.7.6. Appoints a CCB recorder to document and maintain CCB minutes for historical

records.

2.2.7.7. Posts CREB meeting minutes and actions not later than five (5) business days

after scheduled CREB meeting.

2.2.7.8. Documents decisions and recommendations through CCB memorandums.

2.2.7.9. Develops and establishes CCB administrative procedures.

2.2.7.10. Provides records management and archiving of all CCIDS Boards minutes and

validated document packages and revisions.

2.2.8. Battle Rhythm. Scheduled not less than twice monthly, or more frequently as needed to

accomplish objectives.

2.2.9. Information Availability and Releasability.

2.2.9.1. The CCB Secretariat maintains all minutes, presentations and memoranda

associated with CCB activities. CCB minutes will be accessible via KM/DS and the

USCYBERCOM CCIDS web portal (website urls referenced in Attachment 1).

2.2.9.2. Validated CCB documents classified at the level of SECRET or below are

available through the KM/DS on SIPRNET. Contact the JS Gatekeeper for access to validated

CCB document packages classified above SECRET or protected by SAP/SAR.

2.3. Cyber Capability Working Group (CCWG).

2.3.1. Role. The CCWG operates one level below the CCB and advises the CCB on issues

within the CO capability portfolio. Establishment of the CCWG is at the discretion of the CCB Chair

to carry out the responsibilities of the CCB. The CCWG provides initial review and assessment of

CO capability requirements and issues prior to review by the CCB.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

15

2.3.2. Chair. The Chief J81 serves as the CCWG Chair and is the review and endorsement

authority for CO deliberate capability requirements. CCWG Chair duties include, but are not limited

to the following:

2.3.2.1. Supports the CCB in executing CCB and CREB responsibilities.

2.3.2.2. Assists the CCB Chair in managing the CO capability requirements portfolio.

2.3.2.3. Oversees CCWG meetings and coordinates working group actions.

2.3.2.4. Maintains awareness of SAP/SAR protected efforts that affect the CO capability

requirements portfolio.

2.3.2.5. Conducts CCB pre-briefs to ensure topic presented facilitates robust discussion

and CCB decision making.

2.3.2.6. Determines CCWG composition.

2.3.2.7. Determines additional CCWG membership when/if necessary, and ensuring

appropriate SME from stakeholder organizations have reviewed and provided input on topics

under review by the CCB.

2.3.2.8. Assigns an AO to lead review/staffing of the document package.

2.3.2.9. Participates in FCB O-6 Integration Group meetings.

2.3.3. Members.

2.3.3.1. The CCWG is comprised of military, civilian, or contractor support SMEs in the

grade of O5-O6 or government civilian equivalent, from the Services, CCMDs, selected OSD

directorates, JS, and selected DOD Agencies with equities in the CO capability requirement

portfolio.

2.3.3.2. CCWG members are designated by their respective organization. Each

organization ensures its respective representative has subject matter expertise on matters brought

before the CCWG. These individuals should be authorized by their CCB member to speak on

behalf of their respective organization.

2.3.3.3. CCWG Members participate in all CCWG activities.

2.3.3.4. SMEs from USCYBERCOM or other stakeholder organizations may be requested

to participate in documentation review.

2.3.4. Members Responsibilities.

2.3.4.1. Advise and assist the CCWG Chair on issues within assigned area of

responsibilities and expertise for each CO capability requirement document submitted for

CCWG review.

2.3.4.2. Provide initial review and assessment of document packages and issues prior to

review by the CCB.

2.3.4.3. Support and assign appropriate subject matter expertise to assist with CCWG

reviews.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

16

2.3.4.4. Perform other duties as assigned to support CCB Chair and CCIDS

execution/implementation.

2.3.5. Action Officer.

2.3.5.1. Advises and assists Sponsors during review, validation, and if necessary revision

of CO capability requirement documents within assigned area of responsibilities and expertise.

2.3.5.2. Coordinates CCWG document-staffing actions, to include verification of

comment adjudication, and ensures required document package certifications and endorsement

(e.g., mandatory Key Performance Parameters, minimum threshold values) have been provided

or are on track.

2.3.5.3. Provides the Sponsor with CCWG comments, including those of appropriate

SMEs, for adjudication and document revision as appropriate.

2.3.5.4. Confirms CCWG context briefings and sponsor issue presentations are reviewed

and prepared appropriately for the CCWG and CCB.

2.3.6. Secretariat. The J812 serves as the CCWG Secretariat, and performs CCWG

administrative duties as directed by the CCWG Chair. Duties include but are not limited to the

following:

2.3.6.1. Develops the agenda and calls the CCWG meetings, organizes CCWG work, and

ensures prompt prosecution of CCWG business.

2.3.6.2. Coordinates the actions of the CCWG members in their support to the CCWG

Chair.

2.3.6.3. Appoints a CCWG recorder to document and maintain CCWG minutes for

historical records.

2.3.6.4. Documents decisions and recommendations through CCWG minutes.

2.3.6.5. Develops and establishes CCWG administrative procedures.

2.3.7. Battle Rhythm. Scheduled weekly or more frequently as needed to accomplish

objectives.

2.4. Gatekeeper.

2.4.1. Gatekeeper Role. The Gatekeeper’s assigned day-to-day coordination of CO capability

requirements and provides the single point of entry into and release from the CCIDS process as

outlined in this Instruction. The Chief, J81 implements the responsibilities of the Gatekeeper.

2.4.2. Gatekeeper Assignment. The Chief, J81 assigns the AO to lead and manage the

USCYBERCOM Gatekeeper function.

2.4.3. Gatekeeper Responsibilities.

2.4.3.1. Serves as the single point of entry for coordination of CO capability requirement

documents to include revisions that require CCIDS endorsement, validation, or coordination

IAW this Instruction.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

17

2.4.3.2. Facilitates communications and coordination with the JS Gatekeeper, Sponsor and

stakeholder principals.

2.4.3.3. Coordinates requests for assignment of JSD with the JS Gatekeeper.

2.4.3.4. Coordinates the staffing of JS delegated CO capability requirement documents via

KM/DS.

2.4.3.5. Submits validated document packages and revisions (including associated

supporting content and validation memorandum) to KM/DS within 14 days of validation.

2.4.3.6. Monitors progress of efforts toward fielding capability solutions.

2.4.3.7. Coordinates with JS Gatekeeper for status on progress of efforts towards fielding

CO capability solutions for JUONs and JEONs with USCYBERCOM equities and

communicates that status to organizations with equities within USCYBERCOM.

2.4.3.8. Manages requirements dashboard and associated J8 portal sites used to support the

CCIDS process and associated board and working group activities.

2.4.3.9. Generates metrics related to CCIDS processes and incorporates into requirements

dashboard. Conducts annual review of DCR implementation.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

18

ATTACHMENT 1

Glossary of References and Supporting Information

References

10 USC§167b, Unified combatant command for cyber operations

10 USC§181, Joint Requirements Oversight Council

Department of Defense Dictionary of Military and Associated Terms, November 2018

DODD 5113.13, Assistant Secretary of Defense for Homeland Defense and Global Security

(ASD(HD&GS)), 23 March 2018

DODI 8330.01, Interoperability of Information Technology (IT), Including National Security Systems

(NSS), 21 May 2014

JP 3-0, Joint Operations, 17 January 2017, incorporating Change 1, 22 Oct 2018

JP 3-12, Cyberspace Operations, 8 June 2018

JP 6-0, Joint Communications System, 10 June 2015

CJCSI 5123.01H, Charter of the Joint Requirements Oversight Council (JROC) and Joint Capabilities

Integration and Development System (JCIDS) Implementation, 31 August 2018

Joint Requirements Oversight Council Memorandum (JROCM) 038-18, National Defense Authorization

Act for Fiscal Year 2017 Section 923 Delegation of Authority for Cyberspace Capabilities to United

States Cyber Command, 20 April 2018

JCIDS Manual, Manual for the Operation of the Joint Capabilities Integration and Development System

(JCIDS), 31 August 2018

Websites

KM/DS web portal url. On SIPRNET – https://jroc.mdsbpm.js.smil.mil/bizflow/bizindex.jsp

USCYBERCOM CCIDS web portal url.

On SIPRNET – https://intelshare.intelink.sgov.gov/sites/uscybercom/ccids/sitepages/home.aspx

On JWICS – https://uscybercom.sp.web.nsa.ic.gov/sites/cybernet/j8/ccids/sitepages/home.aspx

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

19

Acronyms

AO Action Officer

CCIDS Cyber Capabilities Integration & Development System

CCB Cyber Capabilities Board

CCMD Combatant Command

CCWG Cyber Capabilities Working Group

CDR Commander

CJCSI Chairman Joint Chiefs of Staff Instruction

CO Cyberspace Operations

CREB Cyber Requirements Evaluation Board

DCDR Deputy Commander

DCR DOTmLPF-P Change Requests

DOD Department of Defense

DODD Department of Defense Directive

DODI Department of Defense Instruction

DODIN Department of Defense Information Network

DOTmLPF-P Doctrine, Organization, Training, Materiel, Leadership and Education,

Personnel, Facilities, and Policy

FCB Functional Capabilities Board

GAO Government Accountability Office

IAW in accordance with

ICD Initial Capabilities Documents

JEON Joint Emergent Operational Needs

JP Joint Publication

JROC Joint Requirements Oversight Council

JROCM Joint Requirements Oversight Council Memorandum

JS Joint Staff

JSD Joint Staffing Designator

JUON Joint Urgent Operational Needs

JWICS Joint Worldwide Intelligence Communications System

KM/DS Knowledge Management/Decision Support

OSD Office of the Secretary of Defense

PCA Principal Cyber Advisor

SAP Special Access Program

SAR Special Access Required

SME Subject Matter Expert

USC United States Code

USCYBERCOM United States Cyber Command

Definitions

Capability. The ability to complete a task or execute a course of action under specified conditions and

level of performance. (SOURCE: DOD Dictionary of Military and Associated Terms)

Capability Gap. The inability to meet or exceed a capability requirement, resulting in an associated

operational risk until closed or mitigated. The gap may be the result of no fielded capability, lack of

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

20

proficiency or sufficiency in a fielded capability solution, or the need to replace a fielded capability

solution to prevent a future gap. (SOURCE: CJCSI 5123.01H)

Capability Requirement. A capability required to meet an organization’s roles, functions, and

missions in current or future operations. To the greatest extent possible, capability requirements are

described in relation to tasks, standards, and conditions IAW the Universal Joint Task List or equivalent

DOD component task list. If a capability requirement is not satisfied by a capability solution, then there

is also an associated capability gap. A requirement is considered to be “draft” or “proposed” until

validated by the appropriate authority. (SOURCE: CJCSI 5123.01H)

Capability Requirements Document. Any document used to articulate either deliberate or

urgent/emergent capability requirements and associated information pertinent to review and validation.

(SOURCE: CJCSI 5123.01H)

Capability Solution. A materiel solution or non-materiel solution to satisfy one or more capability

requirements and reduce or eliminate one or more capability gaps. (SOURCE: CJCSI 5123.01H)

Cyberspace. A global domain within the information environment consisting of the interdependent

networks of information technology infrastructures and resident data, including the Internet,

telecommunications networks, computer systems, and embedded processors and controllers. (SOURCE:

JP 3-12).

Cyberspace Capability. A device or computer program, including any combination of software,

firmware, or hardware, designed to create an effect in or through cyberspace. (SOURCE: JP 3-12)

Cyberspace Operations (CO). The employment of cyberspace capabilities where the primary purpose

is to achieve objectives in or through cyberspace. [Note: CO are categorized as either cyberspace-

enabled activities, which are the routine uses of cyberspace to accomplish assigned military duties, or

one of three CO missions: DODIN operations, defensive cyberspace operations (DCO), offensive

cyberspace operations (OCO), categorized by the intent of the commander issuing the mission order.]

(SOURCE: JP 3-12)

Document Sponsor. The organization submitting a capability requirement document. Solution

sponsors for successor documents-Capability Development Documents (CDDs), Information Systems –

CDDs (IS-CDDs), and Joint DOTmLPF-P Change Recommendations (Joint DCRs) - may be different

from the Requirement Sponsors for initial documents- Initial Capabilities Documents (ICDs),

Information Systems – ICDs (IS-ICDs), Urgent Operational Needs (UONs), Joint UONs (JUONs), and

Joint Emergent Operational Needs (JEONs). Different Sponsors for requirements and solutions can

occur when the initial document Sponsor does not have acquisition authority and a different organization

is designated to develop and field a capability solution, or when one Sponsor elects to leverage a

validated document generated by a different Sponsor. (SOURCE: JCIDS Manual)

Interoperability.

1. The ability to act together coherently, effectively, and efficiently to achieve tactical, operational, and

strategic objectives. (JP 3-0)

2. The condition achieved among communication-electronics systems or items of communications-

electronics equipment when information or services can be exchanged directly and satisfactorily

between them and/or their users. (JP 6-0)

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

21

3. The ability of systems, units, or forces to provide data, information, materiel, and services to, and

accept the same from, other systems, units, or forces, and to use the data, information, materiel, and

services exchanged to enable them to operate effectively together. Information Technology

interoperability includes both the technical exchange of information and the end-to-end operational

effectiveness of that exchange of information as required for mission accomplishment. Interoperability

is more than just information exchange. It includes systems, processes, procedures, organizations, and

mission over the life cycle and must be balanced with cybersecurity (formerly Information Assurance).

(DODI 8330.01)

Joint. Connotes activities, operations, organizations, etc., in which elements of two or more Military

Departments participate. (SOURCE: DoD Dictionary of Military and Associated Terms) [Note that

this definition of “joint” is applicable to capability requirements documents and capability solutions,

which apply to more than one DoD component. (SOURCE: CJCSI 5123.10H)]

Joint Staffing Designator (JSD). Sets the staffing path and timeline for a requirement document and

identifies the validation authority. To maximize speed and flexibility in the JCIDS process, JSDs will be

set at the lowest level in which the joint equities are addressed. JSDs may be changed during active

staffing, but will not be revisited for a subsequent submission of the same document unless the lead FCB

submits a request for JSD change to the Joint Staff Gatekeeper. (SOURCE: JCIDS Manual)

Materiel (Capability Solution). All items (including ships, tanks, self-propelled weapons, aircraft, etc.,

and related spares, repair parts, and support equipment, but excluding real property installations, and

utilities) necessary to equip, operate, maintain, and support military activities without distinction as to its

application for administrative or combat purposes. (SOURCE: DoD Dictionary of Military and

Associated Terms)

materiel (Capability Solution). The letter “m” in the acronym is usually lower case since Joint DCRs

do not advocate new materiel development, but rather advocate identification of materiel items, systems,

or equipment needed to support the required capability increased quantities, modifications,

improvements, or alternate applications of existing materiel or the purchase of Commercial Off-The-

Shelf (COTS), Government Off-The-Shelf (GOTS), or Non-Development Items (NDI). Sometimes

referred to as “little m” materiel, the materiel (DOTmLPF-P) consideration is everything necessary to

equip DoD forces to operate effectively. Materiel includes ships, tanks, self-propelled weapons, aircraft,

related spares, repair parts, and support equipment, but excludes real property, installations, and utilities.

(SOURCE: JCIDS Manual)

Non-materiel (Capability Solution). Changes to doctrine, organization, training, (fielded) materiel,

leadership and education, personnel, facilities, and/or policy, implemented to satisfy one or more

capability requirements (or needs) and reduce or eliminate one or more capability gaps, without the need

to develop or purchase new materiel capability solutions. (SOURCE: DoD Dictionary of Military and

Associated Terms)

Principal Cyber Advisor (PCA). The Principal Cyber Advisor (PCA) for USCYBERCOM, designated

by the Secretary of Defense, provides direction and control for the administration and support of

USCYBERCOM, including matters related to readiness and organization of assigned forces, equipment

and resources peculiar to cyber operations and civilian personnel consistent with Section 923 of NDAA

2014, and 10 USC§167b. (SOURCE: DODD 5113.13).

Requirement. See Capability Requirement.

Requirement Sponsor. See Document Sponsor.

UNCLASSIFIED

USCCI 8100-02

UNCLASSIFIED

22

Solution Sponsor. See Document Sponsor.

Sponsor. See Document Sponsor.

Validation. The review and approval of capability requirement documents by a designated validation

authority. The JROC is the ultimate validation authority for capability requirements unless otherwise

delegated to a subordinate board or to a designated validation authority in a Service, CCMD, or other

DOD component. (SOURCE: CJCSI 5123.01H) NOTE: The CREB serves as the CCIDS regulatory

council to the validation authority for CO deliberate capability requirements within USCYBERCOM.

(SOURCE: CJCSI 5123.01H)

Validation Authority. The designated authority for validation of JCIDS capability requirement

documents. The JROC is the ultimate validation authority for capability requirements unless otherwise

delegated to a subordinate board or to a designated validation authority in a Service, CCMD, or other

DOD component. The validation authority is dependent on the JSD of the document. (SOURCE: JCIDS

Manual) NOTE: The DCDR is the validation authority for capability requirements within

USCYBERCOM.