Commonwealth Security Services defines Blue Teaming to be a "review of security polocies and procedures, testing security of the facilities and network resources in coordination with onsite support and security staff."

Commonwealth Security Services  suggests that blue team assessments be performed on a yearly basis for larger networks and facilities and every two years for smaller organizations. This frequency is to provide management with a snapshot of the security posture of the facility and network resources at that specific time.  It also provides a mechanism to test existing policies and procedures and provides training to the onsite personell in doing so.

Unlike the Red Team Assesments, Blue Team Assesments are planned and executed within full view of staff and often facilitated by the staff. Interviews with key personell and random users are frequently used during a Blue Team to judge the experience of the users and knowledge of the policies and rules.

Blue team assessments are a flexible tool that organizations use to identify critical vulnerabilities; understand threat; deliver effective and secure components, systems, and plans; and consider alternative strategies and courses of action.