This policy aims to establish a framework for the development, implementation, use and evolution of NATO C3 Capabilities and ICT Services, the roles and responsibilities of the various stakeholders in this process, with a specific focus on NATO organisations participating in the NATO Enterprise. This policy provides the highest level mandatory principles for the management of C3 Capabilities and ICT Services (including CIS Security and Cyber Defence) through a structured lifecycle approach. The scope of this policy covers the full lifecycle of all C3 Capabilities and ICT Services, which will be used by entities of NATO regardless of their source and funding.