United States Department of Agriculture (USDA)
Privacy Policy and Oversight (CPPO)
The United States Department of Agriculture Cyber Security, Privacy Policy and Oversight (CPPO) required the expertise, of an experienced contractor to provide Government Risk Management Compliance & Oversight. In support of the OCIO-CPPO, XA Systems thrived on ensuring protection of information assets and maintaining their availability, integrity, and confidentiality of the USDA information technology systems and telecommunications resources.
The XA Systems Solution
For OCIO-CPPO, XA Systems provided partnership support through advisory consulting and program management for FISMA Compliance to the Office of The CIO. Our efforts resulted in operational procedures and policies designed to improve the centralized standards development of the security compliance processes and to direct FISMA compliance maintenance activities for all USDA operational departments and agencies.
PROGRAM MANAGEMENT. Our Program Management team provided the USDA with on-going advisory support including quality improvement recommendations and the daily management of activities relating to many aspects of their FISMA security compliance management life-cycle. XA Systems team of C&A and CISSP certified engineers and consultants quickly identified key areas of risk and exposure and provided clear direction and controlled activities necessary to remediate challenged areas. Upon request and on several occasions, our XA lead PMO Advisory personnel represented the USDA OCIO as their lead points of contact while and attending internal USDA Divisional and external agency compliance committees including the US Department of Justice, Food and Drug Administration and others. XA utilized prior lessons learned with elements found in the ITIL (Information Technology Infrastructure Library) Framework as a guide during the development of key processes, procedures and policies to enhance their Disaster Recovery plan, their intra-agency compliance reporting processes, and guidelines that established their routine evaluations of the agency security intrusion detection capabilities. ITIL was also an informational tool that assisted our development of their key performance indicators necessary to establish continual quality improvement through metrics management. ITIL in combination with our PMO practices were instrumental in success factors such as, performing the contract within budget, promotion of the service delivery concepts within the USDA staff areas, and alignment of their business needs to their technology requirements which established clear and attainable expectations of performance, were all incorporated into or program management approach.
DOCUMENTATION ND TECHNICAL WRITING. During the life of the contract, XA Systems supported the USDA in their efforts to develop, edit and maintain accurate accounts of project, program and contract performance data. Our solution incorporated, but was not limited to the following:
- Detailed Status Reports
- Developing Process Flows
- Establishing and Implementing SOP’s
- Providing Process/Project Plans, Inventory & Problem Analysis Reports & Change Request
ADVISE & PLAN. Our team established constant lines of communication, to accurately understand the CPPO mission. Thus effectively establishing a process and technology that had the ability to protect the sharing of information instantaneously between computers and networks, which in-turn decreased USDA’s vulnerability to a wider family of threats that are unlawful and destructive, (ex .penetrations and disruptions). This also included, but was not limited to the following:
- Cyber Security with SDLC
- Contingency Planning
- Continuous Monitoring
- Risk Management
- Information Security Awareness Training
- Managed the USDA Privacy Program to provide the maximum protection of private and confidential information throughout USDAIT systems.
- Provided expertise to support contingency and disaster recovery planning and ensure that they met all OMB and NIST standards.
