High Value Assets Assessment (HVA) Training

Location type



High Value Asset (HVA) Non-Tier 1


Assess the HVA security architecture to identify technical concerns that could expose the organization to risk



  • Part of a U.S. Cybersecurity and Infrastructure Security Agency (CISA) initiative intended to help government departments and agencies understand their operational resilience and ability to manage cyber risk
  • Assess an HVA’s security environment and organizational processes through interviews, artifact examination, and technical testing
  • Designed to understand the HVA security architecture to understand its resilience as well as provide recommendations for improvement
  • Most activities typically occur over a consecutive three-day period
  • Elapsed time may be five or six weeks, depending on report review turnaround
  • Key deliverable is the HVA Assessment Final Report
  • Either an HVA individual or team conducts each assessment
  • Individual HVA assessors are trained or qualified for a particular role



Assessment Lead and Technical Lead

Course Length

5 Days

Course Mode

Instructor Led, Virtual

Course Agenda

  • Day 1 – Background, HVA roles, methodology (planning)
  • Day 2 – Methodology (execution), Discussion Topics
  • Day 3 – Methodology (execution), (post-execution)
  • Day 4 – Methodology (post-execution)
  • Day 5 – Capstone


Role options for this course:

Assessment Lead

The Assessment Lead (AL) is responsible for the overall preparation, execution, and post-execution stages of a CISA Assessment. The lead is the primary point of contact for the assessment team and will coordinate all assessment activities with the organization point of contact. The AL will schedule all assessment activities and ensure that appropriate Subject Matter Experts are available, and that technical access is granted to operators. The AL is also responsible for ensuring all assessment artifacts are completed and delivered to the appropriate stakeholders at the conclusion of the assessment.

Technical Lead

The Technical Lead (TL) is the primary Subject Matter Expert for the assessment team. The TL is responsible for facilitating the assessment and determining findings for the organization.  This role requires that the individuals aspiring to be Technical Leads be experts in the technologies and industry standards of the assessment targets. The TL will analyze the results of the Technical Exchange Meeting and generate the assessment report.



The HVA assessment is an "expert driven" assessment that requires assessors to have a senior level of knowledge related to cybersecurity best practices.

Technical Lead candidates should have prior experience as system administrators, cybersecurity engineers, or Information System Security Officers.


If you encounter any issues you may contact for assistance.