FW: UASI 2020/21 Cybersecurity Review Requirements, the online portal is open

From: Bush, Nancy

Sent: Tue Dec 08 16:07:34 2020

To: Bush, Nancy

Subject: FW: UASI 2020/21 Cybersecurity Review Requirements, the online portal is open

Importance: High

Hello City EMs and Partners,

See below.

Just a reminder that you must complete the Cybersecurity Review by the end of this month if you plan to receive HS dollars including UASI and SHSP.

Thanks. nb

Nancy Bush, MBA, MA (she, her, hers)

Director

Clackamas County Disaster Management

1710 Red Soils Ct

Oregon City, OR 97045

Desk: 503.655.8665

Cell: 971.806.3379

From: Crane, Elizabeth <Elizabeth.Crane@portlandoregon.gov>

Sent: Thursday, October 8, 2020 3:17 PM

To: John Wheeler (john_wheeler@co.washington.or.us) <john_wheeler@co.washington.or.us>; Bush, Nancy <NBush@clackamas.us>; Voss, Chris <chris.voss@multco.us>; scott.johnson@clark.wa.gov; steve.pegram@co.columbia.or.us; Courtney Patterson <Courtney.Patterson@oregonmetro.gov>; Myers, Mike <Mike.J.Myers@portlandoregon.gov>; Yotsov, Nora-PortofPortland <nora.yotsov@portofportland.com>; Forslof, Sherri <forslofs@ohsu.edu>; Geisen, Rebecca <Rebecca.Geisen@portlandoregon.gov>

Cc: Hanson, Laura <Laura.Hanson@portlandoregon.gov>; shaun.brown@co.columbia.or.us; Smith, Michael <MSmith@clackamas.us>; Greenlee Dianne <dianne.greenlee@doj.state.or.us>; Love, Eva <Eva.Love@portlandoregon.gov>; shaun.brown@co.columbia.or.us; Westbrook, Matt <MWestbrook@clackamas.us>; megan.whitman@clark.wa.gov; Tamie.Cody@Clark.WA.Gov; Debbie_McCarroll@co.washington.or.us; scott.johnson@clark.wa.gov; steve.pegram@co.columbia.or.us; Voss, Chris <chris.voss@multco.us>; roxana.walls@portofportland.com; Morasko, Michael <MMorasko@clackamas.us>; Wong, Michael <Michael.Wong@portlandoregon.gov>; Nordeen, Veronica <Veronica.Nordeen@portlandoregon.gov>; susan.brown@greshamoregon.gov; jaldridge@co.clackamas.or.us; joel.wendland@mcso.us; katy.schorr@portlandoregon.gov; sheila.craig@portlandoregon.gov; Damron, Ginger <Ginger.Damron@portlandoregon.gov>; hollie.m.benjamin@multco.us; pam.rothe@mcso.us; michelle.myers@mcso.us; pat.corfield@multco.us; robin.m.holm@multco.us; Naile Traci <traci.naile@mil.state.or.us>; Barrett, Denise <Denise.Barrett@portlandoregon.gov>

Subject: UASI 2020/21 Cybersecurity Review Requirements, the online portal is open

Importance: High

Warning: External email. Be cautious opening attachments and links.

RDPO UASI Grant Recipients,

As previously, subrecipients of UASI 2020 funds are required to participate in the Nationwide Cybersecurity Review (NCSR) and it is anticipated that this requirement will also apply to UASI 2021 funding as well. PBEM’s subrecipients will again be required to submit documentation you have completed and submitted on the online portal. In turn, your subrecipients must also provide you with documentation that they have completed and submitted their review. Last year we found that non-profits, or some quasi-governmental agencies were not able to complete the review even though they are UASI funding recipients. To be audit compliant, it would be best for all subrecipients to attempt the review, and if they are deemed not qualified to participate, provide that documentation for your records.

This is an enterprise level cybersecurity review. It does not have to be completed for each agency or division within a municipal or county government. It’s very likely that your IT departments are already aware of this requirement and are already participating or plan to before the online platform closes.

The portal is open between October and December 31, 2020. It will close December 31^st and not reopen until the following October. The link below will take you to the webpage with FAQs, registration information and other details.

To refresh your memory or for newcomers, the 2019 cybersecurity requirement stated:

Recipients and subrecipients of FY 2019 grant awards will be required to complete the 2019 Nationwide Cybersecurity Review (NCSR), enabling agencies to benchmark and measure progress of improving their cybersecurity posture. The Chief Information Officer (CIO), Chief Information Security Officer (CISO), or equivalent for each recipient and subrecipient should complete the NCSR. If there is no CIO or CISO, the most senior cybersecurity professional should complete the assessment.

Once your organization has completed the review, please send me documentation for our grant administration files. The documentation is the cover page of their confirming email that shows you successfully submitted the review for your organization.

Please email me if you have questions.

Thank you.

Beth Crane

Grants Coordinator

Regional Disaster Preparedness Organization (www.rdpo.org)

d: (503) 823-2027

9911 SE Bush Street Portland, Oregon, 97266

elizabeth.crane@portlandoregon.gov

website | twitter | facebook | publicalerts