a) Based on what the Federal Information Processing Standard 199 (FIPS-199) requ

Question

a) Based on what the Federal Information Processing Standard 199 (FIPS-199) requires information owners to classify information and information systems? Provide a detailed answer.

b) Are there any differences between classifying governmental information and commercial information? And are there any common levels of classification have been used to classify governmental information and commercial information? Explain your answers and supported them with examples (NOT from the book or slides).

c) Can a company make a change on classified information? Assuming now a company feels that such information need higher protection or the company decide to make some information that was classified as secret to be accessed by public. Here, is there any mechanism or process that allows a change in classified information. Explain your answers and supported them with examples (NOT from the book or slides).

Explanation / Answer

A) The Federal data Security Management Act (FISMA), directed the promulgation of federal standards for the safety categorization of federal data and knowledge systems supported objectives of providing the acceptable levels of knowledge security in step with a spread of risk levels. numerous data needed is:-

•           Required Input

•           Documenting data sorts

•           Documenting impact level assessment

•           Required output

B) affirmative there's a distinction between classifying government data with business data.

Governmental Information- The loss of confidentiality, integrity, or convenience may well be expected to possess a severe or ruinous adverse impact on structure operations, structure assets, or people. AMPLIFICATION: A severe or ruinous adverse impact implies that, as an example, the loss of confidentiality, integrity, or convenience might: (i) cause a severe degradation in or loss of mission capability to associate degree extent and length that the organization isn't ready to perform one or additional of its primary functions; (ii) end in major injury to structure assets; (iii) end in major monetary loss; or (iv) end in severe or ruinous hurt to people involving loss of life or serious life threatening injuries

Commercial Information- The loss of confidentiality, integrity, or convenience may well be expected to possess a significant adverse impact on structure operations, structure assets, or people. AMPLIFICATION: a significant adverse impact implies that, as an example, the loss of confidentiality, integrity, or convenience might: (i) cause a big degradation in mission capability to associate degree extent and length that the organization is ready to perform its primary functions, however the effectiveness of the functions is considerably reduced; (ii) end in important injury to structure assets; (iii) end in important monetary loss; or (iv) end in important hurt to people that doesn't involve loss of life or serious life threatening injuries

C) cleansing is one amongst the processes for declassifying the knowledge. Classified data is shielded from unauthorized access victimization some security system. once this data is alter the documents ar faraway from the list and created accessible to common users

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.