C.2.2.4 - Rule publication
Rule Publication includes all activities associated with the publication of a proposed or final rule in the Federal Register and Code of Federal Regulations.
Subject to exception conditions described below, the recommended security categorization for the rule publication information type is as follows:
Security category
Confidentiality Low
The confidentiality impact level is the effect of unauthorized disclosure of rule publication information on the ability of responsible agencies to publish proposed or final rules in the Federal Register and Code of Federal Regulations. The published rules are, by definition, public information. The effects of loss of confidentiality of information associated with the rule publication process are unlikely to pose the threat of serious harm to agency assets, personnel or operations. Recommended Confidentiality Impact Level: In general, the provisional confidentiality impact level recommended for rule publication information is low.
Integrity Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. In the worst cases, errata can be published. Unauthorized modification or destruction of information may result in unnecessary expenditures, some confusion, and limited damage to public confidence in the agency. Recommended Integrity Impact Level: The provisional integrity impact level recommended for rule publication information is low.
Availability Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to the rule publication information. Rule publication processes are usually tolerant of delays. Recommended Availability Impact Level: The provisional availability impact level recommended for rule publication information is low.