Headquarters Marine Corps
Policy and Guidance


This page is intended as a resource guide, containing documents related to the Marine Corps Cybersecurity Program. Links to referenced materials are listed below each agency.  


Enterprise Cybersecurity Manuals

Per 10 U.S.C. and 40 U.S.C. Subtitle III, the Director C4 designates the Marine Corps Senior Information Security Official (SISO), who issues Marine Corps Enterprise Cybersecurity Manuals (ECSMs). The ECSM series provides modules that guide the implementation of policy direction as stated in MCO 5239.2A, Marine Corps Cybersecurity Program (MCCSP), "provides cybersecurity policy, procedures, tasks, conditions, and standards implementation guidance applicable to enhance and enable command and control on the MCEN."

The modules provide procedural, technical, administrative and supplemental guidance for all information systems used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission or receipt of data within the Marine Corps Enterprise Network (MCEN) as well as other Marine Corps Information Systems. Each module focuses on a distinct subject and describes a standard methodology for planning, implementing and executing an element of the MCCSP. The Marine Corps ECSM series will be the authoritative source for implementation of cybersecurity policy direction. 

Points of Contact

  • Compliance Branch / Cybersecurity

    Headquarters Marine Corps IC4 ICC-Cybersecurity Branch

    Pentagon, Room 1D247
    Washington, DC 20350-3000

Available Enterprise Cybersecurity Manuals (As of 29 March 2024) 

The Enterprise Cybersecurity Manuals are sensitive documents and are viewable only to those with a "lawful government purpose", valid SharePoint Online account holders.

ECSM_001_Computer_Security_Incident_Handling_(CSIH)_19_Sep_2012 ECSM_004_Remote_Access_Systems_(RAS)_16_Dec_2013
ECSM_008_Cross_Domain_Solution_Signed_ (Searchable)_15_Feb_2019
ECSM_012_Cybersecurity_Reference_Architecture_(MCEN_CRA)_Framework, 2024
ECSM_014_Disaster_Recovery_(DR)_and_Contingency_Planning_(CP)_ 16_Feb_2018
ECSM_018_Marine_Corps_Assessment _and_ Authorization_Process_(MCAAP)_Version_7_Jan_2024 ECSM_019_POR_Cybersecurity_Playbook_v1_5_Feb_2024
ECSM_020_Information_Assurance_Vulnerability_Management_Program_(IAVM)_13_Jan_2014 ECSM_021_Ports,_Protocols_and_Services_Management_(PPSM)_ 3_May_2012
ECSM_024_Marine_Corps_CYWF_Qualification_Program_28_ June_2019



Collapse All Expand All
 ECMS 012, Published 2024, Supercedes the following:
  • ECSM 002 Firewalls, Version 2.1, 11 June 2012;
  • ECSM 003 Routers, Version 2.0, 30 September 2011;
  • ECSM 006 Virtual Private Networks, Version 2.0, 15 September 2015;
  • ECSM 012 Marine Corps Enterprise Network (MCEN) Cybersecurity Architecture, Version 1.0, 01 May 2015


Last Update 29 March 2024

Headquarters Marine Corps