Governance & Program Info

ISR Analytics & Persistent Surveillance — Governance

Cross-builder institution context and per-item ownership, due dates, status, and next actions for the governance-relevant checklist items in this builder.

← Back to checklist
Institution context
Program info
Applies across every builder in the app. Stored locally; nothing leaves the browser.
Checklist governance
Items (0 of 14 marked complete)
Annotate ownership, due date, status, and next action. Items on the left come from the builder's governance / compliance phases.
05 · Governance & Compliance
Produce DoD AI Ethical Principles evidence package
required
One artifact per principle — Responsible, Equitable, Traceable, Reliable, Governable.
05 · Governance & Compliance
Complete DoDI 5000.82 / T&E package for AI-enabled system
required
Test & evaluation artifacts consistent with DoDI 5000.82 requirements and the DoD T&E Master Plan update for AI.
05 · Governance & Compliance
Complete DoDD 3000.09 senior review (if lethality-adjacent)
required
USD(P), USD(R&E), CJCS senior review package for autonomy in weapons systems where applicable.
05 · Governance & Compliance
Establish model card, data card, and known-limitations disclosure
required
Public-to-the-program model card including training data characterization, known failure modes, and unsupported use cases.
05 · Governance & Compliance
Execute derivative classification review of trained model weights
required
Original classification authority review of model weights as a derivative product.
05 · Governance & Compliance
Specify cross-domain solution for multi-classification fusion
requiredtrinidy
NSA-evaluated CDS required when inference fuses features from different classification levels.
05 · Governance & Compliance
Confirm IL5 / IL6 DoD Cloud SRG accreditation path
required
Workload mapping to the correct DoD Cloud SRG Impact Level with a named accredited provider.
05 · Governance & Compliance
Apply ITAR / EAR export control review to model artifacts
required
Training data, model weights, and deployable artifacts reviewed for ITAR / EAR classification and export constraints.
05 · Governance & Compliance
Apply DFARS 252.204-7012 / NIST SP 800-171 to CUI handling
required
Contractor systems handling CUI in the training pipeline must meet DFARS 7012 / NIST SP 800-171 baseline.
05 · Governance & Compliance
Achieve CMMC 2.0 certification at required level
required
Contractor CMMC 2.0 Level 2 or Level 3 certification consistent with contract requirements.
05 · Governance & Compliance
Execute U.S. persons data handling review (E.O. 12333 §2.3 procedures)
required
Confirm collection, retention, and dissemination of any U.S. persons data in training or operation meets AG-approved procedures.
05 · Governance & Compliance
Apply GEOINT Functional Manager guidance (GEOINT FM-1 series)
recommended
NGA GEOINT Functional Manager guidance on analytic tradecraft, dissemination, and GEOINT production standards.
05 · Governance & Compliance
Establish IC-ITE / JWICS accreditation path for classified infrastructure
required
Accreditation against IC IT Enterprise standards for any TS/SCI-resident component.
05 · Governance & Compliance
Document Replicator / Maven Smart System integration compliance
recommended
If integrating with the Maven Smart System ecosystem or Replicator portfolio, conform to published CDAO integration standards.