Office of the Chief Information Officer

United States Department of Agriculture

Departmental Regulation 3505-005

Office of the Chief Information Officer, Information Security Center

Cybersecurity Incident Management


a.  This Departmental Regulation (DR) establishes the United States Department of Agriculture (USDA) policy for preparing for, responding to, and reporting cybersecurity incidents.  Cybersecurity incident management governs the activities for mitigating risks from such incidents before substantial harm occurs and provides timely notification to and consultation with appropriate entities.

b.  It is the policy of USDA to comply with Federal requirements to establish, implement, and enforce an incident management policy to continually manage risks to USDA information resources.

c.  This policy complies with the requirements of:

(1)  The Federal Information Security Modernization Act of 2014 (FISMA);

(2)  The Office of Management and Budget (OMB) Circular A-130, Responsibilities for Protecting Federal Information Resources, Memoranda M-19-02, Fiscal Year 2018-2019 Guidance on Federal Information Security and Privacy Management Requirements, and M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information;

(3)  The Federal Information Processing Standards Publication (FIPS PUB) 200, Minimum Security Requirements for Federal Information and Information Systems; and

(4)  The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, and NIST SP 800-61 Revision 2, Computer Security Incident Handling Guide.

d.  This policy serves as the foundation on which USDA Mission Areas, agencies, and staff offices will develop and implement their own incident management procedures that comply with Federal and Departmental requirements and align with USDA’s incident management policy.


a.  This policy supersedes DR 3505-005, USDA Cyber Security Incident Management Policy, dated October 31, 2013, in its entirety.

PDF icon DR3505-005 (11/30/2018) (PDF)232.21 KB