Office of the Chief Information Officer

United States Department of Agriculture

How We Serve Our Customers

Agriculture Security Operations Division (ASOD)

ISC Security Operations (SecOps) is responsible for the staffing, management, and on-going operation of the USDA Enterprise-wide comprehensive monitoring, data analysis, and situational awareness capability for the Department. SecOPS focuses on systems engineering support and architecture of security related products and interfaces; installation of security software; and security engineering solutions for the Enterprise as well as individual agency, offices, and mission-critical applications and systems.

In addition, SecOps is responsible for the USDA Enterprise wide incident handling process, serving as the central point of contact for coordination and incident response, develops, maintains, and implements detailed process and procedures for all phases of the incident handling life cycle.

Security Management Division (SMD)

Security Services Branch (SSB) develops and implements an effective communications, outreach, and other cyber security integration strategies with the USDA agencies to ensure information security is integrated into the on-going business of the Department. SSB plans, develops, and implements ISC Customer Relationship Management (CRM) activities, such as the Agency Liaison Program; and provides cyber security reporting and training activities.

Compliance and Policy Branch (CPB) has responsibility for the day-to-day compliance and oversight of the USDA Security Program as outlined by the Federal Information Security Modernization Act of 2014 (FISMA) and Office of Management and Budget (OMB) mandates. CPB provides oversight mechanisms, monitoring and reporting on departmental compliance with federal policies. Charged with oversight of the accreditation and authorization of USDA systems through USDA’s Risk Management Framework SOID(RMF), CPB systematically evaluates over 750 IT systems (including approximately 300 FISMA-reportable systems) to ensure the ongoing security, interoperability, and availability of these systems. Additionally, CPB develops compliance reports (e.g., agency scorecards, etc.), coordinates responses to audit and data calls, and works with over 34 agencies and staff offices on cyber security matters.