https://armypubs.army.mil/epubs/DR_pubs/DR_a/ARN40471-PPM_CIO-014-000-WEB-1.pdf
DEPARTMENT OF THE ARMY
CHIEF INFORMATION OFFICER
107 ARMY PENTAGON
WASHINGTON DC 20310-0107
__________________
1 Interface - Common boundary between independent systems or modules where interactions take place. (Committee on National
Security Systems (CNSSI) 4009 Glossary - 20150406).
AD-GOV-DS-014
SAIS-AD (25-1rrrr)
MEMORANDUM FOR SEE DISTRIBUTION
SUBJECT: Implementation of Data Service Interface Specifications
1. References. See enclosure.
2. Purpose. Provide Army enterprise-wide guidance on the implementation of data
service specifications, also referred to as application programming interfaces, as well as
data governance guidance.
3. Background. To successfully implement a service-oriented architecture, developers
must define and document interfaces1 (such as application programming interfaces
(APIs)). An interface control document (ICD) defines the interfaces, while an information
exchange specification (IES) defines the information being exchanged across the
boundary. Planning interfaces and exchange specifications carefully are essential to
maintain interoperability, maximize utility, and preserve data security. Enabling
information sharing through interfaces is a DoD-wide objective expressed in the DoD
Data Strategy, Objective 4.2.1 (reference 1a).
4. Guidance. Under the authorities specified in references 1b, 1c, and 1d, and in
accordance with references 1a, 1f and 1g:
a. Program Management Responsibilities: For programs under acquisition oversight,
the Program Manager is responsible for technical implementation of APIs. For programs
already in production and not under acquisition oversight, the Command directing and
responsible for the system will appoint a government official responsible for oversight of
technical implementation of APIs. Specific technical responsibilities are to:
(1) Implement data interfaces in the form of APIs that do not require proprietary
software (such as systems or applications developed using open-source coding) or
technology to exchange information between the program and other DoD systems.
(2) Register all Army data interfaces, payloads, data dictionaries, and versioning
in the Enterprise Data Service Catalog as per reference 1e.
(3) Implement appropriate Data Steward data life cycle management policies
associated with the system data.
12 February 2024
SAIS-AD (25-1rrrr)
SUBJECT: Implementation of Data Service Interface Specifications
2
(4) Implement access controls for externally facing APIs to only approved data
elements with required access controls as per Data Steward Guidance. Program
Managers have authority over data access for internally facing APIs.
(5) Implement Authorizing Official cybersecurity controls and guidance over APIs
required for authority to operate and authority to connect approval.
b. System Owner Responsibilities: Once in production, the command that operates
the system is responsible to maintain the system and its APIs in accordance with the
availability agreed to during system design. The system owner is responsible to inform
the Data Steward(s) associated with API approval concerning the availability of the API
and usage of data traversing the API in accordance with Data Steward guidance. The
System Owner will coordinate with the Data Steward nominated Functional Data
Managers to establish and manage monitoring for usage, performance, maintenance,
and security.
c. API Governance Responsibilities: The CIO and the CDAO will work with Army
leaders to integrate appropriate check points into acquisition and authorization
processes to certify data accessibility and interoperability is met through interfaces and
exchange specifications.
(1) Mission Area Data Officers (MADOs) will identify appropriate data leaders, as
categorized in the DoD Data Stewardship Guidebook, who will approve API content and
access controls for APIs that are externally facing to the Component or enterprise.
(2) APIs that share data outside of their domain and across the enterprise will
require adjudication through the MADO for governance of the API content and will need
to be registered in the Army's enterprise data catalog (e.g., Enterprise Data Service
Catalog (EDSC)).
5. Points of contact.
a. CIO Policy Inbox: usarmy.pentagon.hqda-cio.mbx.policy-inbox@army.mil.
b. OCIO Architecture, Data and Standards Directorate, Data Division (SAIS-ADD):
Mr. Alfred Hull, Data Division Chief, at usarmy.data.management@mail.mil.
LEONEL T. GARCIGAEncl
Chief Information Officer
GARCIGA.LEON
EL.T.1186170411
Digitally signed by
GARCIGA.LEONEL.T.118617041
1
Date: 2024.02.12 15:43:20 -05'00'
SAIS-AD (25-1rrrr)
SUBJECT: Implementation of Data Service Interface Specifications
3
DISTRIBUTION:
Principal Officials of Headquarters, Department of the Army
Commander
U.S. Army Forces Command
U.S. Army Training and Doctrine Command
U.S. Army Materiel Command
U.S. Army Futures Command
U.S. Army Pacific
U.S. Army Europe and Africa
U.S. Army Central
U.S. Army North
U.S. Army South
U.S. Army Special Operations Command
Military Surface Deployment and Distribution Command
U.S. Army Space and Missile Defense Command/Army Strategic Command
U.S. Army Cyber Command
U.S. Army Medical Command
U.S. Army Intelligence and Security Command
U.S. Army Corps of Engineers
U.S. Army Military District of Washington
U.S. Army Test and Evaluation Command
U.S. Army Human Resources Command
U.S. Army Corrections Command
Superintendent, U.S. Military Academy
Commandant, U.S. Army War College
Director, U.S. Army Civilian Human Resources Agency
Executive Director, Military Postal Service Agency
Director, U.S. Army Criminal Investigation Division
Director, Civilian Protection Center of Excellence
Superintendent, Arlington National Cemetery
Director, U.S. Army Acquisition Support Center
CF:
Principal Cyber Advisor
Director of Enterprise Management
Director, Office of Analytics Integration
Commander, Eighth Army
Enclosure
REFERENCES
a. DEPSECDEF (DoD Data Strategy), October 2020.
b. Paperwork Reduction Act, 44 U.S.C., Section 3520 (2006).
c. Paperwork Reduction Act, 44 U.S.C., Section 3511 (2006).
d. DoDI 8320.07 (Implementing the Sharing of Data, Information, and IT Services in the
DoD), 5 December 17.
e. HQDA CIO memorandum, (Army Data Governance Roles and Responsibilities),
1 July 2022.
f. SECARMY memorandum (Army Directive 2009-03, Army Data Management),
30 October 2009.
g. DoD Chief Data Officer Guidance, (DoD Data Stewardship Guidebook),
13 October 2021.
h. DoD Application Programming Interface (API) Technical Guidance, October 2023.