This policy governs the acquisition process for information assurance products for national security systems.