Independent Security Assessments
The California Military Department (CMD) performs the Independent Security Assessments required by Government Code Section 11549.3 as amended by AB 670 on October 6, 2015.
Note: The Independent Security Assessment should not be confused with a CDT Information Security Program Audit (ISPA).
ISA’s are performed by the Cyber Network Defense (CND) Team of the California Military Department. The mission of the CND is to assist the Department of Defense, Federal, State, Local Government partners and Critical Infrastructure providers to provide confidentiality, integrity, and availability of critical network infrastructure. The CND Team also provides support and assistance through established partnerships with cybersecurity vendors, academia, and government entities.
Information Security Assessment Overview
Existing law establishes, within the Government Operations Agency, the Department of Technology under the supervision of the Director of Technology, who is also the State Chief Information Officer.
AB 670 added the requirement to conduct, or require to be conducted, an independent security assessment of any state agency, department, or office, the cost of which is to be funded by the state agency, department, or office being assessed.
Need more information? Please contact the CDT Office of Information Security at (916) 445-5239 to learn about Independent Security Assessment services.
This service is classified as a Current Service.
The ISA is a technical analysis of identified controls designed to measure Cyber Security maturity. Areas within the current ISA include host vulnerability assessments, firewall analysis, host hardening analysis, phishing susceptibility, network penetration testing, and snap-shot analysis of network traffic for signs of threat actor compromise.
AB 670 Criteria
The California Department of Military will provide a cost estimate.
To request an Independent Security Assessment, please submit a Professional Services Service Request.