Note: The business standards and capabilities listed below are not representative of the full Federal cybersecurity lifecycle. Additional phases of the cybersecurity lifecycle will be added as they become available.

Security Operations Center

FIBF

Click wheel to review standards

Federal Integrated Business Framework (FIBF)

The FIBF is a model that enables the Federal government to better coordinate and document common business needs across agencies and focus on outcomes, data, processes and performance. It is the essential first step towards standards that will drive economies of scale and leverage the government’s buying power.

Cybersecurity Lead

Name: DHS - Cybersecurity and Infrastructure Security Agency (CISA)

Download Security Operations Center Business Standards Components

Business Capabilities

Federal Business Lifecycle - Security Operations Center

Federal Business Lifecycles, functional areas, functions, and activities serve as the basis for a common understanding of what services agencies need and solutions should offer.

Functions: Breakdown of a functional area into categories of services provided to customers.

Activities: Within a function, processes that provide identifiable outputs/outcomes to customers are defined as activities.

Select from the list of available functions to view associated activities

CYB.010 IDENTIFY - Asset Management

*Identifier*	*Activity*	*Description*

CYB.020 IDENTIFY - Risk Management

*Identifier*	*Activity*	*Description*

CYB.030 IDENTIFY - Governance

*Identifier*	*Activity*	*Description*

CYB.040 PROTECT - Protective Technology

*Identifier*	*Activity*	*Description*

CYB.050 PROTECT - Awareness and Training

*Identifier*	*Activity*	*Description*

CYB.060 PROTECT - Information Protection Policy

*Identifier*	*Activity*	*Description*

CYB.070 PROTECT - Business Continuity Management

*Identifier*	*Activity*	*Description*

CYB.080 PROTECT - Data Security

*Identifier*	*Activity*	*Description*

CYB.090 DETECT - Continuous Monitoring

*Identifier*	*Activity*	*Description*

CYB.100 RESPOND - Incident Management

*Identifier*	*Activity*	*Description*

Business Capabilities - Security Operations Center

Business Capabilities are the outcome-based business needs mapped to Federal government authoritative references, forms, and data standards.

Security Operations Center Business Capabilities

Business Capabilities Explorer

Capability ID	Function	Activity Name	Input/ Output/ Process	Business Capability Statement	Authoritative Reference

Business Use Cases - Security Operations Center

A set of agency “stories” that document the key activities, inputs, outputs, and other LOB intersections to describe how the Federal government operates.

Standard Data Elements - Security Operations Center

Identify the minimum data fields required to support the inputs and outputs noted in the use cases and capabilities.

Service Measures - Security Operations Center

Define how the government measures successful delivery of outcomes based on timeliness, efficiency, and accuracy targets.