Term:Level of Concern

From FISMApedia
Revision as of 00:51, 27 October 2009 by DanPhilpott (talk) (1 revision)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

CNSSI 4009

Level of Concern - Rating assigned to an IS indicating the extent to which protection measures, techniques, and procedures must be applied. High, Medium, and Basic are identified levels of concern. A separate Level-of-Concern is assigned to each IS for confidentiality, integrity, and availability.

DSS Glossary

Level of Concern - Rating assigned to a specific information system by the Designated Approving Authority. A separate Level of Concern is assigned to each Information System for Confidentiality, Integrity, and Availability. The Level of Concern for Confidentiality, Integrity, and Availability can be Basic, Medium, or High. The Level of Concern assigned to an Information System for Confidentiality is based on information it maintains processes and transmits. The Level of Concern assigned to an Information System for Integrity is based on the degree for resistance to unauthorized modifications. The Level of Concern assigned to an Information System for Availability is based on the needed availability of the information maintained, processed, and transmitted by the systems for mission accomplishment and how much too tolerance for delay is allowed.