Task Area 7

Critical Infrastructure Protection and Information Assurance

The objective of this task area is to support the protection of critical infrastructure, assurance of agency information, and operations that protect and defend information and information systems by ensuring confidentiality, integrity, availability, accountability, restoration, authentication, non-repudiation, protection, detection, monitoring, and event react capabilities. A comprehensive, but not limited, sampling of work to be performed under this task area is shown below:

  1. Cyber Security
  2. Critical Infrastructure Asset Identification and Configuration Management Databases
  3. Information Assurance of Critical Infrastructure
  4. Risk Management (Vulnerability Assessment and Threat Identification)
  5. Facility Protection Planning
  6. Information Systems Security
  7. Security Operations Center Development and Operations Management
  8. Application Security
  9. Disaster Recovery
  10. Critical Infrastructure Continuity and Contingency Planning
  11. Incident Response Planning and Execution
  12. Security Certification and Accreditation
  13. Training and Awareness Programs
  14. Exercises and Simulation
  15. Federal Information Security Management Act (FISMA) Implementation Support
  16. Health Insurance Portability and Accountability Act Implementation Support
  17. Cryptographic Support and Services
  18. Record Management
  19. Public Key Infrastructure
  20. Trusted Internet Connections implementation
  21. Security Review and Analysis of Automated Information Systems
  22. Identity Management and Assurance
  23. Intelligent, Automated Data Collection and Analysis
  24. IT Forensics and eDiscovery