Cybersecurity Assurance functional areas test, measure, and analyze the cybersecurity posture of individual agencies to produce a baseline of the federal government's cybersecurity posture.
Operational Assurance (OA) assesses Federal Civilian Executive Branch (FCEB) agencies' compliance with cybersecurity laws, regulations, policies, standards, initiatives, and directives across the federal government, including Comprehensive National Cybersecurity Initiative, Domain Name System Security Extensions (DNSSEC), Internet Protocol version 6 (IPv6), and FISMA.
- Cybersecurity Capability Validation (CCV): comprehensive, and consistently executed, onsite validations of an agency's implementation of required cybersecurity capabilities.
Analysis & Reporting
Analysis and Reporting analyzes the data collected through Compliance & Assurance activities, identifies trends, produces reports, and provides information that assessed agencies can use to identify gaps and develop risk mitigation strategies.
- Reports: detail specific data compiled from assessments that measure progress implementing cybersecurity standards, policies, and guidance, and detail identified vulnerabilities and risks specific to the assessed agency.
- Dashboards: provide easy-to-access, up-to-date views of the cybersecurity posture of the federal government or an individual agency.