National Capitol Area Conference. Robert King, CPPS. November 15, 2011. Robert King E2608-08 Standard Practice for Equipment Control Matrix. Department of Homeland Security Policy. In 2009 DHS Management adopted a 0% acceptable loss rate for Sensitive Assets
National Capitol Area Conference Robert King, CPPS November 15, 2011
Robert King E2608-08 Standard Practice for Equipment Control Matrix
Department of Homeland Security Policy
• In 2009 DHS Management adopted a 0% acceptable loss rate for Sensitive Assets
• This was in direct response to audit findings
• Audit recommendations were to ensure sufficient controls were instituted to:
  • account for and control Sensitive assets throughout their life, and
  • identify and timely report occurrences of loss, damage and destruction (LDD)

DHS: Sensitive Assets
• Sensitive assets are defined as all assets, regardless of value, which require special control and accounting to ensure accountability and safeguarding. They include, but are not limited to:
  • Dangerous and hazardous assets,
  • Law Enforcement equipment,
  • Assets authorized for storing and/or processing classified information,
  • Assets with retainable memory,
  • Inherently portable assets and assets that can easily be converted to private use or have high potential for theft

DHS: Sensitive Assets
• 0% acceptable loss rate was a point of contention between Management and DHS Components
• Needed approach for balancing both Management’s objectives and Components’ concerns
• Other audit findings that needed to be addressed included DHS Management providing:
  • Standard classification and identification of assets
  • Consistent, comprehensive direction on appropriate accountability controls

E2608-08 Standard Practice for Equipment Control Matrix
• This practice describes equipment control classes (ECCs), equipment control levels (ECLs), and their relationships.
• The ECCs provide standard classes for equipment based on control and tracking requirements for the equipment.
• Establishes a standard equipment control methodology to aid in requirements determination and communication with the end goal of the promulgation of safe, secure, cost effective, and risk appropriate control and tracking methodologies.

DHS: Equipment Control Matrix for Sensitive & Accountable Assets

Value of Equipment Control Matrix
• DHS Management has approved industry recognized acceptable loss rates for ECCs 2, 3 and 4, but has maintained a 0% acceptable loss rate for ECC 1
• Additional controls tailored and applied to the vulnerabilities associated with classes of assets
• Providing departmental guidance around standard classifications and controls for asset types

Next Steps with Instituting Equipment Control Matrix
• Instituting within each DHS Component to adapt their classification system to the ECCs and incorporate into monthly LDD reporting
• Adopting within policy and instruction
• Providing a platform for demonstrating sufficient DHS guidance and controls to close outstanding audits