Centralized Information Security Officer (ISO) Service

Service Lead: Ed Miller Edward.Miller@vita.virginia.gov

The Centralized Information Security Officer (ISO) service will assist agencies in performing and documenting:  Business Impact Analysis and IT System Security Plans (consisting of IT Security Risk Assessment and Risk Treatment Plans) including required annual updates.  ISO Service analysts will also be able to provide consulting and other ISO services.

Centralized IT Security Audit Service

Service Lead: Ed Miller Edward.Miller@vita.virginia.gov

Agencies may contract for IT security audits to be conducted through this service. The audits will be performed in accordance with commonwealth IT auditing standards and will be compliant with the requirement to have a sensitive IT system audited (at least once every 3 years).

COV Security Outreach & Information Sharing Service

Service Lead: Ed Miller Edward.Miller@vita.virginia.gov

The Commonwealth Security and Risk Management (CSRM) COV Security Outreach & Information Sharing Team actively participates in the Multi-State  Information Sharing Group, Local, State (VA Fusion Center and Commonwealth Preparedness Working Group), and Federal Law Enforcement (FBI), and multiple COV Information/Infrastructure Security groups

Partnership Security Program Support

Service Lead: Jason Howze Jason.Howze@vita.virginia.gov

This VITA service arbitrates security determinations made by the IT Partnership when customers request escalation. This role researches decisions and historical information, customer information, and the ITP Procedures Manual.

Security Incident Management

Service Lead: Bob Baskette Bob.Baskette@vita.virginia.gov

  • Full Service Description: The Full Service Offering is available to executive branch agencies. The CSRM Incident Management team dispatches the Commonwealth Security Incident Response Team (CSIRT) as the first responders. 

  • Limited Service Description: A Limited Service Offering is available to non-executive branch agencies, local governments and higher education.

Security Threat and Vulnerability Assessment Service

Service Lead: Bob Baskette Bob.Baskette@vita.virginia.gov

Commonwealth Security and Risk Management (CSRM) works with the FBI, law enforcement and third parties to gather cyber intelligence. 

Web Application Vulnerability Scanning Services

Service Lead:  Bill Freda Bill.Freda@vita.virginia.gov

Multiple levels of service are available. Please review the service description page for details.

 

Product List