C.2.3.8 - Budget and performance integration

Budget and Performance Integration involves activities that align Federal resources allocated through budget formulation, execution, and management actions with examinations of program objectives, performance, and demonstrated results such as Program Performance Assessments, Government Performance Results Act (GPRA) plans and reports, performance-based agency budget submissions, and Financial Management Cost Accounting and Performance Measurement data.

Subject to exception conditions described below, the recommended security categorization for the budget and performance integration information type is as follows:

Security category

C.2.3.8 - Budget and performance integration = {(confidentiality, Low), (integrity, Low), (availability, Low)}

Confidentiality Low

The confidentiality impact level is the effect of unauthorized disclosure budget and performance integration information on the abilities of responsible agencies to align Federal resources allocated through budget formulation, execution, and management actions. The consequences of unauthorized disclosure of the majority of budget and performance integration information will result in a limited adverse effect on agency operations, agency assets, or individuals. Special Factors Affecting Confidentiality Impact Determination: The effects of loss of confidentiality of budget and performance integration information can violate privacy regulations, reveal information proprietary to private institutions, and reveal procurement-sensitive information. In aggregate, budget and performance integration information can reveal capabilities and methods that some agencies (e.g., law enforcement, homeland security, national defense, intelligence) consider extremely sensitive. In these cases, the potential harm that can result from unauthorized disclosure ranges from moderate to high to national security-related. In the last case, the information is outside the scope of this document. Public release of sensitive budget and performance integration information can result in unnecessary damage to public confidence in the agency. This is particularly likely where the release includes unedited internal commentary and discussion. Recommended Confidentiality Impact Level: The provisional confidentiality impact level recommended for resource budget and performance integration information is low.

Integrity Low

The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. Special Factors Affecting Integrity Impact Determination: Unauthorized modification or destruction of information affecting external communications that contain budget and performance integration 24 information (e.g., web pages, electronic mail) may adversely affect operations or public confidence in the agency, but the damage to the mission would usually be limited. Public confidence consequences will be more serious for agencies that have national defense, intelligence, or information security missions. In such cases, the impact may be at least moderate. Recommended Integrity Impact Level: The provisional integrity impact level recommended for budget and performance integration information is low.

Availability Low

The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to budget and performance integration information. The budget and performance integration processes are usually tolerant of delays. Recommended Availability Impact Level: The provisional availability impact level recommended for budget and performance integration information is low.