Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

The Modernization and Migration Management (M3) Playbook has a new look! Explore our new features here.

Note: The business standards and capabilities listed below are not representative of the full Federal cybersecurity lifecycle. Additional phases of the cybersecurity lifecycle will be added as they become available.

Coordinated Vulnerability Disclosure

Click wheel to review standards

Federal Integrated Business Framework (FIBF)

The FIBF is a model that enables the Federal government to better coordinate and document common business needs across agencies and focus on outcomes, data, processes and performance. It is the essential first step towards standards that will drive economies of scale and leverage the government’s buying power.

Cybersecurity Lead

Name: DHS - Cybersecurity and Infrastructure Security Agency (CISA)

Download Coordinated Vulnerability Disclosure Business Standards Components

Federal Business Lifecycle - Coordinated Vulnerability Disclosure

Federal Business Lifecycles, functional areas, functions, and activities serve as the basis for a common understanding of what services agencies need and solutions should offer.

Functions: Breakdown of a functional area into categories of services provided to customers.

Activities: Within a function, processes that provide identifiable outputs/outcomes to customers are defined as activities.

Select from the list of available functions to view associated activities

Identifier Activity Description

Back to top

Business Capabilities - Coordinated Vulnerability Disclosure

Business Capabilities are the outcome-based business needs mapped to Federal government authoritative references, forms, and data standards.

xls Coordinated Vulnerability Disclosure Business Capabilities

Capability ID Function Activity Name Input/ Output/ Process Business Capability Statement Authoritative Reference

Back to top

Business Use Cases - Coordinated Vulnerability Disclosure

A set of agency “stories” that document the key activities, inputs, outputs, and other LOB intersections to describe how the Federal government operates.

Business Standards Under Development.

Back to top

Standard Data Elements - Coordinated Vulnerability Disclosure

Identify the minimum data fields required to support the inputs and outputs noted in the use cases and capabilities.

Business Standards Under Development.

Back to top

Performance Metrics - Coordinated Vulnerability Disclosure

Define how the government measures successful delivery of outcomes based on timeliness, efficiency, and accuracy targets.

Business Standards Under Development.

Back to top