Cyber Security Vulnerability Assessment (CSVA)

What is CSVA?

The CSVA can be either a stand-alone assessment or in conjunction with a Security Vulnerability Assessment (SVA). The goal of the CSVA is to improve the overall security of critical cyber infrastructure throughout the State of Alaska in all 18 Critical Infrastructure and Key Resource (CIKR) Sectors. The assessment process is a non-regulatory review of cyber security management practices within the organization to build a risk matrix, threat indicators, maturity model, prioritized recommendations, and is overall designed to build the relationships necessary to foster cooperative arrangements during both normal operations and in times of crisis. The CSVA is not an examination of all the IT business operations or a technical assessment. It does not satisfy compliance towards any specific regulatory authority nor does it force an organization to take corrective action based on the results.

All information collected by the CSVA Team becomes protected from public dissemination under the Homeland Security Act as “Homeland Security Sensitive Information” or as “Protected Critical Infrastructure Information”. The means by which the information is classified is determined by the type of assessment being conducted and infrastructure being assessed. Both Security Classification Programs protect information from public disclosure under national law. Additional information on the programs can be obtained from the links below or directly from our staff.

What We DO

CSVA Links

CSVA Point of Contact