4.3: Security Operations
Security Operations Other Information:
Information Security management has become an area of complexity in protecting the confidentiality, integrity, and availability
of systems and data. With system interconnections across OPIC and its external partners, protection and response capabilities
must be centrally managed. Preventive and reactive IA services will ensure that a baseline of system security is maintained
across interdependencies. Integrated solutions will focus on establishing a framework to effectively identify, evaluate, test,
and implement new security solutions in addition to ensuring standard security configurations are implemented across OPIC.
Incident Management (IM) will integrate all incident-related services into a single, comprehensive capability that focuses
on OPIC-wide incident preparedness and readiness. The Security Operations element will establish a capability to centrally
manage OPIC-wide security integration initiatives and IM initiatives. The goal is to build and maintain IA capabilities to
effectively manage OPIC-wide system assurance efforts from a central location and efficiently implement security solutions
that map to the OPIC’s mission, business requirements, and IA requirements. The comprehensive Security Operations capability
will meet the following objectives: • Promote and enforce the implementation and integration of baseline security standards
throughout Principal Office lines of business • Monitor and react to potential disruptions impacting Department assets • Develop
an operational capability to provide decision support under all conditions
Indicator(s):
|
