Primary Governing VA Policies
- VA Directive 6102 | Internet and Intranet Services – Establishes the Department of Veterans Affairs (VA) minimum internet and intranet Services policies, procedures, and guidelines. [Dated 08/05/2019]
- VA Handbook 6102 | Internet and Intranet Services – Implements the policies contained in VA Directive 6102, Internet and Intranet Services. [Dated 08/05/2019]
Office of Management and Budget (OMB)Memorandum M-99-18 – Privacy Policies on Federal Websites.
OMB Memorandum 00-13 – Privacy Policies and Data Collection on Federal Websites.
OMB Memorandum M-17-06 – Policies for Federal Agency Public Websites and Digital Services.
Title 5 Code of Federal Regulations Part 2635 – Ethical Conduct for Employees of the Executive Branch.
Title 5 United States Code Section 301 – Departmental Regulations.
Public Law 105-220, Section 504 of the Rehabilitation Act – Privacy.
Public Law 105-220, Section 508 of the Rehabilitation Act – Electronic and Information Technology Regulations.
VA Directive 0023 | Tier 1 Graphic Standards – Establishes a new brand graphic identity and guidelines for correct use in creating new communication products to Veterans about Department of Veterans Affairs’ benefits and services. [Dated 05/24/2013]
VA Handbook 0023 | Tier 1 Graphic Standards, Appendix A – showcases major elements of the VA brand identity system and provides guidelines for their correct use in creating new components of the VA brand identity. [Dated 05/24/2013]
VA Directive 6001 | Limited Personal Use of Government Office Equipment Including Information Technology – Defines acceptable, limited conditions for VA employees’ personal use of Government office equipment, including information technology. [Dated 07/28/2000]
VA Directive 6221 | Accessible Information and Communications Technology (ICT) – Provides VA-wide policy to ensure that VA employees and members of the general public with disabilities have access to and use of VA’s Information and Communications Technology comparable to that provided to non-disabled persons. [Dated 10/16/2017]
VA Handbook 6221 | Accessible Information and Communications Technology (ICT) [Dated 02/13/2019]
VA Handbook 6300.1 | Records Management Procedures – Mandatory VA procedures for managing records effectively and efficiently throughout their life cycle. [Dated 03/24/2010]
VA Handbook 6300.5 | Procedures for Establishing and Managing Privacy Act Systems of Records – Sets forth procedures for establishing and managing systems of records under the Privacy Act. [Dated 06/10/2010]
VA Handbook 6310.1 | Forms Management Procedures – Establishes the VA forms management procedures that implement the policies contained in VA Directive 6310, Forms, Collections of Information, and Reports Management. [Dated 12/01/2001]
VA Directive 6361 | Ensuring Quality of Information Disseminated By VA – Provides Department-wide policy for ensuring the quality of information VA disseminates to the public. [Dated 09/02/2004]
VA Handbook 6361 | Ensuring Quality of Information Disseminated By VA – Establishes new VA procedures for ensuring the quality of information before it is disseminated to the public, and implements policies contained in VA Directive 6361, Ensuring Quality of Information Disseminated by VA and in VA and Office of Management and Budget (OMB) guidelines for ensuring and maximizing the quality, objectivity, utility, and integrity of information disseminated to the public. [Dated 09/02/2004]
VA Directive 6500 | VA Cybersecurity Program – Provide the framework for VA’s Cybersecurity Program. [Dated 01/24/2019]
VA Handbook 6500 | Assessment, Authorization and Continuous Monitoring of Risk Management Framework for VA Information Systems – Tier 3: VA Information Security Program – Provides the risk-based process for selecting system security controls, including the operational requirements for VA information technology systems per VA Directive 6500, VA Cybersecurity Program. [Dated 03/10/2015]
VA Directive 6508 | Implementation of Privacy Threshold Analysis and Privacy Impact Assessment – Establishes a VA enterprise-wide policy for incorporating use of the Privacy Threshold Analysis (PTA) as recommended by the National Institute of Standards and Technology and the Privacy Impact Assessment (PIA) as required under privacy provisions of the E-Government Act of 2002; applicable Office of Management and Budget guidance; and VA Directive 6502, Enterprise-Wide VAPrivacy Program. [Dated 10/15/2014]
VA Handbook 6508.1 | Procedures for PTA and PIA – Establishes a detailed methodology for the inclusion of the PTA into the VA enterprise-wide privacy compliance process. [Dated 07/30/2015]
VA Directive 6515 | Use of Web-Based Collaboration Technologies – Provides policy for all VA offices and employees regarding the use of web-based resources and tools to facilitate collaboration, outreach, communication, and information sharing at VA. [Dated 06/28/2011]