This Assessment Process Guide describes the processes, techniques, and procedures used by the Office of Cyber Assessments to evaluate DOE’s (including the National Nuclear Security Administration) and contractor organizations’ cyber security programs designed to protect special nuclear material, classified information, and sensitive information.  In order to ensure that this guide remains current and assessments continue to improve, all users of this guide are encouraged to provide comments and recommendations to the Office of Cyber Assessments for consideration.

This Assessment Process Guide is part of an ongoing effort to maintain the quality, consistency, and contribution of the assessment program’s activities and products.  The assessment process has evolved through experience, and this guide has been developed to be flexible and easily adaptable as it is applied during the various types of assessment activities.  Use of this guide may also aid in the conduct of other DOE and contractor assessment activities.  In order to ensure that this guide remains current and assessments continue to improve, all users of this guide are encouraged to provide comments and recommendations to the Office of Cyber Assessments for consideration.