High Value Assets Assessment (HVA) Training

Part of the Assessment Evaluation and Standarization (AES) series of courses, the High Value Assets (HVA) course is designed to empower students to evaluate the federal government’s approach to managing risk and to provide an unbiased, third-party review of the government’s most critical HVA’s cybersecurity posture and operations. The course also verifies that successful students have the capability to inform respective agency leadership to fully understand and manage the risk which is inherent in its selected cybersecurity solution(s). The process depends on in-person interviews, documentation reviews, in-depth technical analysis, and resilience testing through vulnerability scanning and penetration testing. The assessment results in a detailed analysis of how the HVA’s individual security components integrate and operate, including how data is managed and secured. 

Role options for this course:

Assessment Lead

The Assessment Lead (AL) is responsible for the overall preparation, execution, and post-execution stages of a CISA Assessment. The lead is the primary point of contact for the assessment team and will coordinate all assessment activities with the organization point of contact. The AL will schedule all assessment activities and ensure that appropriate Subject Matter Experts are available, and that technical access is granted to operators. The AL is also responsible for ensuring all assessment artifacts are completed and delivered to the appropriate stakeholders at the conclusion of the assessment.

Technical Lead

The Technical Lead (TL) is the primary Subject Matter Expert for the assessment team. The TL is responsible for facilitating the assessment and determining findings for the organization.  This role requires that the individuals aspiring to be Technical Leads be experts in the technologies and industry standards of the assessment targets. The TL will analyze the results of the Technical Exchange Meeting and generate the assessment report.

Operator*

The Operator (OP) is primarily responsible for simulating and emulating potential adversaries’ exploitation or attack capabilities against an asset by using known Tactics, Techniques, and Procedures (TTP)s and tools, to discover weaknesses in the asset’s cyber security defense. HVA operators are experienced penetration testers who can operate safely as individuals and describe findings. HVA operators are responsible for ensuring that the penetration test is properly scoped for technical testing and that the rules of engagement are defined and adhered to. The OP is responsible for conducting all testing requirements per CISA standards and generating a detailed penetration testing report.

*As of April 2023, this course will be closed to OPs. All OPs seeking to conduct RVA assessments will be required to attend and pass the RVA Operator course. Successful attendees will obtain the required qualification to conduct HVA Assessments.

The HVA assessment is an "expert driven" assessment that requires assessors to have a senior level of knowledge related to cybersecurity best practices.

Technical Lead candidates should have prior experience as system administrators, cybersecurity engineers, or Information System Security Officers.

Operator candidates should be mid or senior level penetration testers with experience testing applications, networks, and cloud environments.

To register for this course, please email your intent to AESTraining@hq.dhs.gov