Official website of the Department of Homeland Security

Cybersecurity Assurance Sections

Cybersecurity Assurance functional areas test, measure, and analyze the cybersecurity posture of individual agencies to produce a baseline of the federal government's cybersecurity posture.

Operational Assurance 

Operational Assurance (OA) assesses Federal Civilian Executive Branch (FCEB) agencies' compliance with cybersecurity laws, regulations, policies, standards, initiatives, and directives across the federal government, including the Comprehensive National Cybersecurity Initiative, Domain Name System Security Extensions (DNSSEC), Internet Protocol version 6 (IPv6), and FISMA.

Trusted Internet Connection (TIC) Assessments: OAP is responsible for validating compliance with OMB-approved TIC capabilities. TIC assessments are offered at no cost to all Federal Civilian Agencies. The TIC capabilities address:

  • TIC devices and services
  • NOC/SOC operations and services
  • SCIF capabilities and physical controls

Facilities visited may include any approved TIC access point:

  • Primary or alternate locations where D/A services or devices are located
  • Backup sites that have daily D/A supporting operational activities

Information to be collected includes:

  • NOC/SOC operations
  • COOP/disaster recovery
  • Firewall operations
  • Data and log backups
  • IDS/IPS and other network monitoring
  • Incident response
  • Anti-virus
  • Risk management
  • Vulnerability assessment and patch management
  • Email gateway and proxy services
  • Facilities and physical security
  • TICAP training and education
  • Certification and Accreditation (C&A)

Federal Computer Network Defense (F-CND) Capability Assessment: F-CND capabilities come from a stand-alone assessment instrument that was developed for Federal departments and agencies to measure their incident management practices and identify areas for process improvement. These capabilities provide a baseline of incident management practices against which a department or agency can be benchmarked. These capabilities are used to determine if a department or agency has all the necessary components, processes, and controls in place to perform the full range of incident management functions and services.

Goals of F-CND Assessment

The goal is to improve the security posture of a federal agency's Incident Management (IMC) or CSIRT function. The results of the F-CND assessment can help agencies:

  • Evaluate their existing incident management function
  • Review their strengths and weaknesses
  • Identify gaps in practice and operational performance
  • Recognize services and activities that are needed to maintain a resilient incident management function
  • Plan and prioritize improvements

Incident Management Function

An incident management function includes the provision of services and activities including but not limited to:

  • incident reporting, analysis, and response
  • patch management
  • risk assessment
  • vulnerability scanning
  • network monitoring
  • anti-virus and malware programs

This function may be provided across many sections of the organization, within a security operations center, or may be outsourced to a Networx or other vendor.

Last Published Date: June 24, 2014