Office of the Chief Information Officer

United States Department of Agriculture

Departmental Manual 3505-005

Office of the Chief Information Officer, Information Security Center

Cybersecurity Incident Management Procedures


a.  This Departmental Manual (DM) provides guidance for cybersecurity incident management and reporting and describes essential preparations for effective incident management.

b.  This DM supports compliance by the United States Department of Agriculture (USDA) with Federal laws, regulations, and guidance on cybersecurity incident management.

c.  This DM serves as the foundation for Mission Areas, agencies, and staff offices to develop and implement cybersecurity incident management procedures and plans that comply with Federal and Departmental requirements.

d.  Major objectives of the cybersecurity incident management procedures in this manual are to:

(1)  Mitigate risks from incidents before substantial harm occurs;

(2)  Ensure coordination of and good communication about incident management activities within USDA and with external stakeholders; and

(3)  Provide timely notification and reporting to appropriate entities.


a.  This manual is effective immediately and remains in effect until it is superseded or expired.

b.  All Mission Areas, agencies, and staff offices will align their procedures with this manual within 6 months of the publication date.

c.  The DM aligns with the Department's cybersecurity incident management policy, Departmental Regulation (DR) 3505-005, Cybersecurity Incident Management.

PDF icon DM3505-005 (11/30/2018) (PDF)256.76 KB