- Chair: Nick Sturgeon, IN-ISAC and SOC Manager
- Co-Chair: Jill Fraser, Security Program Manager, Jefferson County Colorado
- SO Advisor: Josef Klein
Identify and capture the capabilities necessary for an interested organization to effectively operate an ISAO. These capabilities will support day-to-day operation of the ISAO and support its main function: to share and receive cyber information in a timely and effective manner. Capabilities must allow for the most basic ISAO and also support more sophisticated organizations.
- Baseline standards and guidelines for operational, technical, analytical, and personnel capabilities
- Identify capabilities associated with various tiers or categories of ISAOs
- Identify capabilities for business analysis, process and project management, and administration