Course

High Value Assets Assessment (HVA) Training

Format
Document
Delivery
Live
Location type
Virtual/Online

Description

Assessment

High Value Asset (HVA) Non-Tier 1

Purpose

Assess the HVA security architecture to identify technical concerns that could expose the organization to risk

 

Objectives

  • Part of a U.S. Cybersecurity and Infrastructure Security Agency (CISA) initiative intended to help government departments and agencies understand their operational resilience and ability to manage cyber risk
  • Assess an HVA’s security environment and organizational processes through interviews, artifact examination, and technical testing
  • Designed to understand the HVA security architecture to understand its resilience as well as provide recommendations for improvement
  • Most activities typically occur over a consecutive three-day period
  • Elapsed time may be five or six weeks, depending on report review turnaround
  • Key deliverable is the HVA Assessment Final Report
  • Either an HVA individual or team conducts each assessment
  • Individual HVA assessors are trained or qualified for a particular role

 

Roles

Assessment Lead and Technical Lead

Course Length

5 Days

Course Mode

Instructor Led, Virtual

Course Agenda

  • Day 1 – Background, HVA roles, methodology (planning)
  • Day 2 – Methodology (execution), Discussion Topics
  • Day 3 – Methodology (execution), (post-execution)
  • Day 4 – Methodology (post-execution)
  • Day 5 – Capstone

 

Role options for this course:

Assessment Lead

The Assessment Lead (AL) is responsible for the overall preparation, execution, and post-execution stages of a CISA Assessment. The lead is the primary point of contact for the assessment team and will coordinate all assessment activities with the organization point of contact. The AL will schedule all assessment activities and ensure that appropriate Subject Matter Experts are available, and that technical access is granted to operators. The AL is also responsible for ensuring all assessment artifacts are completed and delivered to the appropriate stakeholders at the conclusion of the assessment.

Technical Lead

The Technical Lead (TL) is the primary Subject Matter Expert for the assessment team. The TL is responsible for facilitating the assessment and determining findings for the organization.  This role requires that the individuals aspiring to be Technical Leads be experts in the technologies and industry standards of the assessment targets. The TL will analyze the results of the Technical Exchange Meeting and generate the assessment report.

 

Prerequisites

The HVA assessment is an "expert driven" assessment that requires assessors to have a senior level of knowledge related to cybersecurity best practices.

Technical Lead candidates should have prior experience as system administrators, cybersecurity engineers, or Information System Security Officers.

Contact

If you encounter any issues you may contact AESTraining@hq.dhs.gov for assistance.