Task Area 7 – Critical Infrastructure Protection and Information Assurance

The objective of this task area is to support the protection of critical infrastructure, assurance of agency information, and operations that protect and defend information and information systems by ensuring confidentiality, integrity, availability, accountability, restoration, authentication, non-repudiation, protection, detection, monitoring, and event react capabilities. A comprehensive, but not limited, sampling of work to be performed under this task area is shown below:

1. Cyber Security
2. Critical Infrastructure Asset Identification and Configuration Management Databases
3. Information Assurance of Critical Infrastructure
4. Risk Management (Vulnerability Assessment and Threat Identification)
5. Facility Protection Planning
6. Information Systems Security
7. Security Operations Center Development and Operations Management
8. Application Security
9. Disaster Recovery
10. Critical Infrastructure Continuity and Contingency Planning
11. Incident Response Planning and Execution
12. Security Certification and Accreditation
13. Training and Awareness Programs
14. Exercises and Simulation
15. Federal Information Security Management Act (FISMA) Implementation Support
16. Health Insurance Portability and Accountability Act Implementation Support
17. Cryptographic Support and Services
18. Record Management
19. Public Key Infrastructure
20. Trusted Internet Connections implementation
21. Security Review and Analysis of Automated Information Systems
22. Identity Management and Assurance
23. Intelligent, Automated Data Collection and Analysis
24. IT Forensics and eDiscovery