OMB Individually Reported

Policy Knowledge Base

Low riskExact public inventory row

Description

VA cybersecurity staff are challenged of managing and staying updated with an extensive array of documentation related to policies, processes, directives, and frameworks, which are essential for maintaining compliance and ensuring the security and privacy of VA information systems. VA RMF program continues to rely on human decision-making for risk-based decisions. This human-centric approach requires extensive involvement from various roles and generation/consumption of large amounts of artifacts and staffing resources.

Detailed example

Compliance checklist results with policy references and recommendations.

AI / analytics pattern

Classical/Predictive Machine Learning: Models trained on data to make predictions or classifications based on identified patterns or relationships.

Automation level / stage

a) Pre-deployment – The use case is in a development or acquisition status.

Expected benefit

The AI model can help analysts quickly locate and reference the relevant VA policies to validate compliance and identify non-compliance.

Controls / human review

ATO: Not reported; PIA: Not published