<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
[{$pagename}] is a [Federal Information Processing Standard] that describes [Standards] for [Data Security Impact] of Federal Information and Information Systems


[{$pagename}] describes the [Standards] to be used by all [federal|United States federal government] [agencies|United States Federal Agency] to [categorize|Classification] all information and information systems collected or maintained by or on behalf of each agency based on the objectives of providing appropriate levels of information security according to a range of [risk] levels

!! [{$pagename}] uses the term POTENTIAL IMPACT
Impact values assigned by [OMB] for these categories of harm are defined in [{$pagename}] reproduced below:
%%zebra-table
%%sortable
%%table-filter
||Security Objective||LOW||MODERATE||HIGH
|[Confidentiality]|The unauthorized [disclosure] of [information|data] could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.|The [unauthorized] [disclosure] of information could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. | The [unauthorized] [disclosure] of information could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. 
|[Integrity]|The unauthorized modification or destruction of information could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.|The unauthorized modification or destruction of information could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.|The unauthorized modification or destruction of information could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
|[Availability]|The disruption of access to or use of information or an information system could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.|The disruption of access to or use of information or an information system could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.|The disruption of access to or use of information or an information system could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals
/%
/%
/%


The [NIST.SP.800-63] [M-04-04 Level of Assurance (LOA)] provides technical requirements for each of the Authentication Levels of Assurance defined. 



!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]



























































































































































































</pre>