Office of the Chief Information Officer

United States Department of Agriculture

Operational Assessments

Service Description

Review, test and verify agency network and IT systems, ports, and services, including potential vulnerabilities and targets.  Plan, execute and evaluate operational assessments.  Provide remediation recommendation reporting.

What's Included

Functions of a managed security service include

  • Conduct a network and system security tests and assessment review.  Identify system use, configuration and security policies.  Assess network traffic and system activity.
  • Provide Network Discovery Scanning, Target Identification and Analysis
  • Identify and validate system vulnerabilities and how they can be exploited to gain greater access,
  • Plan the security assessments.  Organize, prioritize and select assessment targets, logistics and techniques.
  • Coordinate secure assessment analysis, data handling, storage, transmission and destruction.
  • Test, implement and verify mitigation recommendation
  • Provide reporting on the vulnerability testing results

How We Charge

The cost of this service is recovered by the number of full time employees (FTE) supported in your agency as a percentage of total departmental FTEs supported.

Service Level Metrics

Measure Target SLA
System Monitoring 24 x 7
Incident Response 24 x 7
System Availability 99.99% excluding planned downtime*

Cost Saving Tips

  • Provide lower total cost of information security ownership. 
  • Allow agencies focus resources on mission critical business objectives.
  • Compliance with government regulations is provided through ongoing security monitoring.
  • A vendor neutral approach supports the appropriate composition of security services by deploying market-based solutions from a wide variety of industry sources.

Additional Information

Services are in compliance with applicable standards from NIST (including SP 800-115), OMB, FIPS and GAO