Standards and policies

Primary governing VA policies

VA Directive 6102 | Internet and Intranet Services – Establishes the Department of Veterans Affairs (VA) minimum internet and intranet Services policies, procedures, and guidelines. [Dated 08/05/2019]

Governing federal policies

Related VA policies

  • VA Directive 0009 | Ensuring Quality of Information Disseminated By VA– Provides Department-wide policy for ensuring the quality of information VA disseminates to the public. [Dated 06/03/2019]
  • VA Directive 0023 | Tier 1 Graphic Standards–Establishes a new brand graphic identity and guidelines when creating new communication products to Veterans about VA benefits and services. [Dated 05/24/2013]
  • VA Handbook 0023 | Tier 1 Graphic Standards, Appendix A–Showcases major elements of the VA brand identity system and provides guidelines for correct use in creating new components of the VA brand identity. [Dated 05/24/2013]
  • VA Directive 6001 | Limited Personal Use of Government Office Equipment Including Information Technology–Defines acceptable, limited conditions for VA employee personal use of Government office equipment, including information technology (IT). [Dated 07/28/2000]
  • VA Directive 6221 | Accessible Information and Communications Technology (ICT)–Provides VA-wide policy to ensure VA employees and members of the general public with disabilities have access to (and use of) ICT comparable to that provided to non-disabled persons. [Dated 10/16/2017]
  • VA Handbook 6300.1 | Records Management Procedures–Mandatory VA procedures for effectively and efficiently  managing records throughout their life cycle. [Dated 03/24/2010]
  • VA Handbook 6300.5 | Procedures for Establishing and Managing Privacy Act Systems of Records–Procedures for establishing and managing systems of records under the Privacy Act. [Dated 06/10/2010]
  • VA Handbook 6310.1 | Forms Management Procedures–Establishes the VA forms management procedures that implement policies contained in VA Directive 6310, Forms, Collections of Information, and Reports Management. [Dated 12/01/2001]
  • VA Directive 6500 | Managing Information Security Risk: VA Information Security Program–Provides the framework for VA’s Security Risk Management Program. [Dated 02/24/2021]
  • VA Handbook 6500 | Risk Management Framework for VA Information Systems VA Information Security Program–Provides the risk-based process for selecting system security controls, including the operational requirements for VA information technology systems per VA Directive 6500, Managing Information Security Risk: VA Information Security Program. [Dated 02/24/2021]
  • VA Handbook 6502.3 | Web page Privacy Policy–Outlines general guidelines for creating, posting, and maintaining all VA web page privacy policies on the internet. [Dated 06/03/2011]
  • VA Directive 6508 | Implementation of Privacy Threshold Analysis and Privacy Impact Assessment – Establishes a VA enterprise-wide policy for incorporating the Privacy Threshold Analysis (PTA) as recommended by the National Institute of Standards and Technology and the Privacy Impact Assessment (PIA) as required under E-Government Act of 2002 privacy provisions of the applicable Office of Management and Budget guidance, and VA Directive 6502, Enterprise-Wide VA Privacy Program. [Dated 10/15/2014]
  • VA Handbook 6508.1 | Procedures for PTA and PIA–Establishes a detailed methodology for PTA inclusion in the VA enterprise-wide privacy compliance process. [Dated 07/30/2015]
  • VA Directive 6515 | Use of Web-Based Collaboration Technologies–Provides policy for all VA offices and employees on using web-based resources and tools to facilitate collaboration, outreach, communication, and information sharing at VA. [Dated 06/28/2011]

On this page: