High Value Asset Program Management Office (HVA PMO)

Overview

The Federal High Value Asset (HVA) Program Management Office (PMO) plans, prioritizes, and coordinates the delivery of CISA-led HVA assessments to provide an unbiased review of the HVAs cybersecurity posture across the Federal HVA Enterprise (FHE). Results of these assessments inform risk management decisions at an agency level to enhance the Cyber Security of the FHE across the Federal government. The HVA PMO connects the authorities of the Office of Management and Budget (OMB) and CISA to identify the most valuable systems and harmonize a Federal Civilian Government-wide approach to protect HVA system functions and the information they contain. 

To maintain shared situational awareness of the Federal Civilian Executive Branch (FCEB) risk posture, CISA has established an assessment frequency for HVA systems. CISA categorizes HVA systems into Tier 1 and Non-Tier 1 based on criticality and establishes the assessment and frequency requirements listed in Table 1.

• Tier 1 HVAs represent systems of critical impact to both the agency and the nation.
• Non-Tier 1 HVAs represent systems of significant impact to both the agency and the nation. 
   

In addition, agencies are encouraged to conduct supplemental assessments as listed in Table 2 of their Tier 1 and Non-Tier 1 HVAs to further enhance protections of these HVA systems.