https://armypubs.army.mil/epubs/DR_pubs/DR_a/ARN44572-PPM_CIO-084-000-WEB-1.pdf
10 U.S.C. § 2222. Defense business systems: business process reengineering ; enterprise architecture;
management. The definition of DBS is very broad, but it is mainly focused on those listed categories. A
"covered defense business system" means a defense business system that is expected to have a total
amount of budget authority, over the period of the current future-years defense program in excess of
$50,000,000. DBS which are under the threshold of $SOM are not treated in the same manner as
covered DBS. https://uscode.house.gov/view.xhtml?req=(title: 10%20section:2222%20edition :prelim)
DEPARTMENT OF THE ARMY
CHIEF INFORMATION OFFICER
107 ARMY PENTAGON
WASHINGTON DC 20310-0107
ADS-GOV-BT-084
SAIS-ADS (25-1rrrr) 31 July 2025
MEMORANDUM FOR SEE DISTRIBUTION
SUBJECT: Defense Business System Determination and Implementation Guidance
1. References.
a. 44 U.S.C. § 3502.
b. 10 U.S.C. § 2222.
2. Purpose. The Army has initiated a strategy to optimize Defense Business Systems
(DBS) to realize substantial cost reductions, operational efficiency, and performance
improvements. To facilitate this effort, Army leadership has formulated the DBS
determination guidance to enhance clarity, accountability, and governance over
systems critical to the operational functions of the U.S. Army. The guidance defines a
DBS, facilitating appropriate binning, legal compliance, budget management, and
connection with Department of Defense (DoD)-wide strategic goals ultimately
enhancing mission readiness and operational efficiency.
3. Background.
a. A DBS, as defined by 10 U.S.C. § 2222, is an information system used by or for
the DoD to improve its efficiency and agility for its core business operations (like
financial management and financial feeders, contracting, logistics, planning and
budgeting, installations management, human resources management and training and
readiness)1 which enables data-driven decision-making, promotes data governance
through authoritative data sources, and supports modernization by centralizing data and
processes.
1
44 U.S.C. § 3502 defines an "information system" as
SAIS-ADS (25-1rrrr)
SUBJECT: Defense Business System Determination and Implementation Guidance
b. Any DBS developed, deployed, and operated by the DoD must
(1) support efficient business processes that have been reviewed and, as
appropriate, revise the processes through business process reengineering;
(2) be integrated into a comprehensive defense business enterprise architecture;
(3) be managed in a manner that provides visibility into, and traceability of,
expenditures for the system; and
(4) use an acquisition and sustainment strategy that prioritizes the use of
commercial software and business practices.
c. An authoritative data source is defined as a trusted and verified origin of data that
is considered the primary and most reliable source for information. An authoritative
source is the single source that all other information technology (IT) systems or
processes should rely on for specific information. Functional representatives of other IT
systems, applications and/or platforms can rely on the authoritative source is the single
recognized data asset for specific information or category of information.
d. The definition of DBS excludes National Security Systems (NSS) that are
designed for intelligence, military operations, or other national security-related activities.
Also excluded are systems used exclusively by and within the Defense Commissary
System (DeCA), the Exchange System, or other instrumentality of the DoD for the
Morale, Welfare, and Recreation (MWR) of members of the Armed Forces using Non-
Appropriated Funds (NAF).
4. Guidance. For DBS identification within the Army, the following clarifications should
be applied
a. A DBS is a comprehensive software solution that integrates both front-end and
back-end technologies to support Army business operations. It would be designed to
handle data processing, security, interoperability, and compliance.
b. Systems or technologies that do not meet the Information System (IS) definition
are excluded from consideration as a DBS.2 (For example, see Defense Business
Applications and Business IT as described below.)
c. Defense Business Systems (DBS) and Defense Business Applications (DB App)
are authoritative data sources providing verifiable, timely, accurate, and reliable
a discrete set of information resources organized
for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.
2
2
activities but does not meet the definition of"
"Defense Business App" are not considered DBS
Full Stack" or
The statute at 10 U.S.C. § 2222 requires certification for covered defense business systems, which are
systems over $50M; but the Army requires systems $25M or more to be certified. This additional
requirement is by Army policy.
4 Static websites are not DBS, but complex websites with interaction and the ability to conduct
transactions are potentially a DBS. Also, a system with a web interface is not considered a static website.
SAIS-ADS (25-1rrrr)
SUBJECT: Defense Business System Determination and Implementation Guidance
business data that support enterprise-wide decision-making and operational oversight.
Its authoritative status is established through compliance with statutory requirements,
integration into the Defense Business Enterprise Architecture, and formal governance
and certification processes.
d. Certification of DBS:
(1) Enterprise-Managed Full Stack System is any system with a total value of
$25M or more over the Future Years Defense Program (FYDP). These systems will be
certified by the Chief Information Officer (CIO).3
(2) A Non-Enterprise-Managed Full-Stack system is any system with a total value
of less than $24.999M. These systems will be certified by the applicable portfolio
manager within the corresponding Domain, unless the system is designated by the CIO
as an Army Special Interest system. Special interest systems will be certified by the
CIO instead of the owning command.
e. Defense Business Applications (DB Apps) is a specific functional/command
capability developed within low-code/no-code platform that produces authoritative data
and can be treated as an information system independently of the Enterprise
Information Environment Mission Area (EIEMA) platform on which it was constructed.
To ensure proper oversight DB Apps must be registered properly within the Army
Portfolio Management Solution (APMS) and the Army Data Catalog (ADC). DB Apps
are not considered Defense Business Systems.
f. Business Mission Area (BMA) Business IT (non-DBS) that supports business
Enterprise Managed
as determined by the classification
workflow present in this document. For example, static websites are not considered
business systems as they provide information, facilitate public communication, serve as
a general reference, deliver command messaging, or present training materials. These
websites contain only static, document-based content that is manually maintained.4
Websites and decision aids that primarily offer information, communication, or reference
resources, or visualize or present unchanged information derived from authoritative
sources, are classified as non-defense business systems.
g. Enterprise Information Environment Mission Area (EIEMA) systems refer to the
structured use of information technology that enables agility and responsiveness to
support and enhance operations. This includes computing infrastructure for the
3
3
Management Requirement
APMS Registration
DITPR Registration
eMASS Registration
Produces Authoritative Business Data
CNS Approva l Authority
Budget Certificati on Authority
BEA Assessment Frequency
ADC Regi stration
ATO Requirement
LC/NC Reg istrat ion
BPR Frequency
Example
Enterprise-Managed Full
Stack System (>c $2SM)
Yes
Yes
Yes
Yes
ABC
ABC
Yearly
Yes
Yes
NI A
Initial and 3-Year Cycle
IPPS·A, GFEBS
Non-Enterprise Managed
Full·stackSystem
(~$24.999M)
Yes
Yes
Yes
Yes
ABC Coe (EIG)
Functional Lead
3·Year Cycle
Yes
Yes
NI A
Initial and S·Year Cycle
AUTONOA ,USAMIS
Defense Business App BMA Business IT EIEMA
Child Yes Yes
No No Yes
No Data Steward Yes
Determined
Yes No No
ABC Coe (EIG) ABC Coe (EIG ) if > $2M AUNC
Functional Lead NI A No
3·Year Cycle NIA NIA
Yes NIA Da ta Steward
Determined
lnherfted Data Steward Yes
Determined
Yes NI A NI A
Initial and S-Year Cycle NIA NIA
Small Arms Accounting, Web Sites, Power Apps ,
13Log IT Decision Aids Appian
A "shared service" platform is an existing LCNC-capable environment, such as A365 or Appian, that has
been designated by OCIO as eligible for hosting Business Apps.
The Army Business Enterprise Architecture (ABEA) is an integrated Architecture encompassing Army
Business Mission Area (BMA) processes, including the major End-to-Ends (E2Es) and supporting
information, used in support of 10 USC 2222 compliance and business system portfolio management. It
is maintained and available within the Enterprise Knowledge Repository (EKR) at
SAIS-ADS (25-1rrrr)
SUBJECT: Defense Business System Determination and Implementation Guidance
automatic acquisition, storage, manipulation, management, control, and display of data
or information. EIEMA systems are common-use (shared)5 IT assets that provide
foundational infrastructure supporting BMA mission specific business functions are
designed to streamline logistics, financial management, human resources, contracting,
and training readiness, ensuring that the Army operates efficiently and effectively.
EIEMA systems are not considered DBS.
Army DBS Determination Table
5. Once the information system's classification is determined, its role in supporting
business activities is assessed through:
a. Evaluating whether it directly supports one or more business activities or
processes within the End-to-End (E2E) framework of the Army Business Enterprise
Architecture (ABEA), either by generating transactional data or providing decision
support.
b. Determining whether it contains authoritative business data defined as outputs
of ABEA business activities or E2E processes or originates business data
subsequently feeds into an authoritative source.6
5
6
4
Out of Scope WMA
t Information Techno lo gy, Per 40 USC 11101 definition
II Authoritative business data, BEA Check per 10 USC 2222
± Implemented on a sh ared service low code/no code platform
BMA Businass IT Ent• rpri s11-Mana1ed
Full-Stack DBS
Def•ns• Businus App
https://ea.ekr.cprobe.army.mil and further information is available within the ABEA Team site
Non-Enterprise
Manaaed Full-Stack
DBS
BMA oversight Requi~
(https://dod.teams.microsoft.us/l/team/19%3Adod%3A8a0d5a202d644c29b9f7ecb6f73622af%40thread. ta
cv2/conversations?groupld=e09996ec-dda5-4fc4-92f4-a4e66f390f3e&tenantld=fae6d70f-954b-4811-
92b6-0530d6f84c43)
SAIS-ADS (25-1rrrr)
SUBJECT: Defense Business System Determination and Implementation Guidance
c. The CIO is the final approval, in the instance of a discrepancy.
6. Key Components of the Definition.
a. Classification Workflow.
b. Authoritative Source. While not all DBS are authoritative sources, the Chief Data
and Analytics Officer (CDAO) (or appointed Data Stewards) can officially designate an
authoritative source for specific data domains. This designation means:
(1) The system contains the official authoritative or single "source of truth" for
designated data elements.
(2) Other systems should reference this data rather than maintaining duplicative
records.
(3) Changes to this data should occur in the authoritative system first.
(4) The data has a higher level of governance and quality control.
7. Duration. This guidance is effective upon signature and stays in effect until
superseded. The CIO will review the guidance for updates and or recission.
5
GARCIGA.LE
ONEL.T.1186
170411
Digitally signed by
GARCIGA.LEONEL.T.11
86170411
Date: 2025.07.31
12:15:34 -04'00'
SAIS-ADS (25-1rrrr)
SUBJECT: Defense Business System Determination and Implementation Guidance
8. Points of Contact:
a. CIO Policy Inbox: usarmy.pentagon.hqda-cio.mbx.policy-inbox@army.mil
b. Dr. Audrey Smith, (571) 256-9808, audrey.d.smith30.civ@army.mil
LEONEL T. GARCIGA
Chief Information Officer
DISTRIBUTION:
Principal Officials of Headquarters, Department of the Army
Commander
U.S. Army Forces Command
U.S. Army Training and Doctrine Command
U.S. Army Materiel Command
U.S. Army Futures Command
U.S. Army Pacific
U.S. Army Europe and Africa
U.S. Army Central
U.S. Army North
U.S. Army South
U.S. Army Special Operations Command
Military Surface Deployment and Distribution Command
U.S. Army Space and Missile Defense Command/Army Strategic Command
U.S. Army Cyber Command
U.S. Army Medical Command
U.S. Army Intelligence and Security Command
U.S. Army Corps of Engineers
U.S. Army Military District of Washington
U.S. Army Test and Evaluation Command
U.S. Army Human Resources Command
U.S. Army Corrections Command
Superintendent, U.S. Military Academy
Commandant, U.S. Army War College
Director, U.S. Army Civilian Human Resources Agency
Executive Director, Military Postal Service Agency
Director, U.S. Army Criminal Investigation Division
Director, Civilian Protection Center of Excellence
Superintendent, Arlington National Cemetery
Director, U.S. Army Acquisition Support Center
(CONT)
6
SAIS-ADS (25-1rrrr)
SUBJECT: Defense Business System Determination and Implementation Guidance
DISTRIBUTION: (CONT)
CF:
Principal Cyber Advisor
Director, Office of Analytics Integration
Commander, Eighth Army
7