DEPARTMENT OF THE NAVY
OFFICE OF THE SECRETARY
1000 NAVY PENTAGON
WASHINGTON, D.C. 20350-1000
SECNAVINST 5239.19A
OCIO
04 Sep 2019
SECNAV INSTRUCTION 5239.19A
From: Secretary of the Navy
Subj: DEPARTMENT OF THE NAVY COMPUTER NETWORK INCIDENT RESPONSE
AND REPORTING REQUIREMENTS
Ref: See enclosure (1)
Encl: (1) References
(2) Definitions
(3) Responsibilities
(4) Incident Categories
(5) Cybersecurity Service Provider (CSSP) Contact
Information
1. Purpose. Establish Department of the Navy (DON) computer
incident handling policy consistent with reference (a), and to
align and integrate DON computer incident handling and reporting
requirements with the Department of Defense (DoD) policy in
references (b) and (c).
2. Cancellation. SECNAVINST 5239.19.
3. Definitions. See enclosure (2).
4. Applicability
a. This instruction applies to:
(1) The Offices of the Secretary of the Navy (SECNAV),
the Chief of Naval Operations (CNO), the Commandant of the
Marine Corps (CMC), and all U.S. Navy, U.S. Marine Corps
installations, commands, activities, field offices, and all
other organizational entities within the DON.
(2) This instruction applies to all DON owned,
controlled, and contractor owned information systems that
receive, process, store, display, or transmit DoD information,
regardless of mission assurance category, classification, or
sensitivity. Actions or missions executed in support of this
