Products...VA Alignment...Models
Models
The Veterans Affairs Alignment Models provide an enterprise-wide view of specific EA topics, which are of broad interest to the Department; these models should facilitate cross-VA analysis and the understanding of the addressed topic. Although internal to VA, these models are roughly equivalent to the FEA reference models in their intended use. The reference models presented below are collaborative work in progress between the Enterprise Architecture Service and organizations such as Cyber Security.
The next steps in the development of complete models include:
- Collection of additional VA policy information and association with external guidance;
- Collection of security project and implemented system information; and
- Development of a line of sight from external security requirement through VA security policy establishment, through security task implementation to measurement of operational results.
Cyber Security Planning Reference Model
The VA Cyber Security Planning Reference Model (CSPRM) is the product of a joint effort between the Office of Cyber & Information Security (OCIS) the Office of Enterprise Architecture Management (OEAM). The joint team designed the CSPRM to provide a detailed architectural view that aligns OCIS security policies with Federal cyber security mandates and the seventeen Federal security families defined in FIPS PUB 200, Minimum Security Requirements for Federal Information and Information Systems.
The external reference link below provides access to a working proof-of-concept model generated with Federal and sample OCIS data.
Reference(s):
Cyber Security Implementation Reference Model
The VA Cyber Security Implementation Reference Model (CSIRM) is the product of the Office of Enterprise Architecture Management (OEAM). OEAM designed the CSIRM to provide a detailed architectural view that aligns security policies with Federal cyber security mandates and EA Business Functions.
The external reference link below provides access to a working proof-of-concept model generated with Federal and sample OCIS data.
Reference(s):
VA Privacy Reference Model
The VA Privacy Reference Model (VPRM) is a modification of the VA Cyber Security Implementation Reference Model (CSIRM) product. VPRM’s purpose is similar to CSIRM in that it provides a detailed architectural view that aligns OCIS privacy policies with Federal privacy mandates (instead of security policies and mandates). Privacy policies are mapped to VA business functions (rather than Federal security families).
The external reference link below provides access to a working proof-of-concept model.
Reference(s):
HIPAA Cross-Reference Model
The next production version of the VA Enterprise Architecture will include a model that cross-references HIPAA and Privacy actionable mandates to their applicable VA business lines, Processes and Implementing Projects.