The Program Protection Plan (PPP) is the single source document used to coordinate and integrate all protection efforts. It’s designed to deny access to Critical Program Information (CPI) to anyone not authorized, not having a need-to-know and prevent inadvertent disclosure of leading edge technology to foreign interests. The PPP is approved by the Program Manager (PM) after an Initial Capabilities Document (ICD) has been validated and is part of the Security Classification Guide (SCG). A draft is due for the Development RFP Release decision and is approved at Milestone B. [1,2]
The following guidance describes the process used to prepare a PPP when one is required: 
- Any program, product, technology demonstrator, or other item developed as part of a separate acquisition process, and used as a component, subsystem, or modification of another program, should publish a PPP.
- Effectiveness of the PPP is highly dependent upon the quality and currency of information available to the program office.
- Coordination between the Program Management Office (PMO) and supporting Counterintelligence (CI) and security activities is critical to ensure that any changes in the system CPI, threat, or environmental conditions are communicated to the proper organizations.
- Intelligence and CI organizations supporting the program protection effort should provide timely notification to the PM of any information on adverse foreign interests targeting their CPI without waiting for a periodic production request.
While there is no specific format for PPPs, they normally include the following: 
- System and program description
- All program and support points of contact
- A list of program CPI
- Counterintelligence Analysis of CPI
- Vulnerabilities of CPI
- All Research and Technology Protection countermeasures (e.g., anti-tamper techniques, system security engineering) and Militarily Critical Technology List citations for applicable CPI
- All RTP associated costs, by Fiscal Year, to include PPP development and execution
- Counterintelligence Support Plan
- Security Classification Guide
- Foreign disclosure, direct commercial sales, co-production, import, export license or other export authorization requirements, and/or Technology Assessment/Control Plan
- Delegation of Disclosure Authority Letter (DDL), if appropriate
- Program Security Instruction, if appropriate
REGULATORY: A draft update is due for the Development RFP Release decision and is approved at Milestone B. The PPP includes appropriate appendixes or links to required information. 
- Detailed descriptions of program protection activities are provided in the Defense Acquisition Guidebook Chapter 13
AcqLinks and References:
-  Defense Acquisition Guidebook (DAG) – Chapter 8.4.6
-  DoD Instruction 5000.02 “Operation of the Defense Acquisition System”
- DoD Instruction 5200.39 “CPI Identification and Protection Within RDT&E” – 17 Nov 2017
- DoD Manual 5200.45 “Instructions for Developing Security Classification Guides” – 6 April 2018
- DoD 5200.1-H “Handbook for writing a Security Classification Guide” – Nov 99
- Program Protection Plan Outline and Guidance – July 2011
- DoD Instruction 5200.01 “DoD Info Security Program and Protection of Sensitive Compartmented Info” – 9 Oct 2008
- DoD 5200.1-M “Acquisition Systems Protection Program” – 16 Mar 1994
- DoD 5200.1-r “Information Security Program” – Jan 97
- DoD 5200.1ph “DoD Guide to Marking Classified Documents” – April 1997
- Template: Program Protection Plan (PPP) Template v3.2 – Jul 11