The Office of Cyber Security Evaluations is responsible for the independent evaluation of the effectiveness of classified and unclassified computer security policies and programs throughout the Department. It has established and maintains a continuous program for assessing Internet security to include offsite scanning and controlled penetration attempts to detect vulnerabilities that could be exploited by hackers or sophisticated attackers. The office analyzes cyber security trends and studies complex-wide issues in order to provide feedback on essential information assurance practices to DOE sites.

Assesses new vulnerabilities and the effectiveness of DOE policies governing classified and unclassified

Conducts annual evaluations of classified information security programs for DOE as required by the Federal Information Security Management Act.

Conducts independent special studies of cyber security topics of interest to the DOE community.

Conducts routine announced inspections of classified and unclassified cyber security programs at DOE

Conducts unannounced (Red Team) assessments of DOE information systems.

Develops recommendations and identifies opportunities for improving cyber security performance.

Evaluates effectiveness of cyber security tools.

Maintains a continuous program of announced and unannounced remote testing for DOE network vulnerabilities through scanning and penetration testing.

Performs complex-wide reviews of cyber security topical areas and institutes follow-up activities to ensure that identified issues are addressed in a timely and effective manner.

Performs on-going analyses to identify trends and emerging issues in the cyber security arena.

Provides a "rapid response" capability to perform special reviews for the Secretary of Energy and senior DOE managers.

Provides input for the annual evaluation of DOE unclassified information security programs as required by the Federal Information Security Management

Reviews other governmental and commercial cyber security programs to provide benchmarks for DOE