C.2.6.1 - Customer services
Customer Service supports activities associated with providing and managing the delivery of information and support to the government's customers.
The recommended security categorization for the customer service information type is as follows:
Security category
Confidentiality Low
The confidentiality impact level is the effect of unauthorized disclosure of customer service information on the ability of responsible agencies to provide and manage the delivery of information and support to the government's customers. Most customer service information is likely to be in the public domain and poses no confidentiality impact. In most cases, unauthorized disclosure of customer service information will have at most a limited adverse effect on agency operations, assets, or individuals. Special Factors Affecting Confidentiality Impact Determination: Some customer service information may include customer-provided information covered by the provisions of the Privacy Act of 1974. The Privacy Act Information provisional impact levels are documented in the Personal Identity and Authentication information type. Unauthorized disclosure of large volumes of information protected under the Privacy Act can be expected to have a serious to severe effect on public confidence in the agency. Actions taken that are intended to establish blame, compensate victims, or repair damage done with the exposed information can cause serious disruption of an agency's mission capability. In such cases, the confidentiality impact can be moderate. Recommended Confidentiality Impact Level: The provisional confidentiality impact level recommended for customer service information is low.
Integrity Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. Typically, the adverse effects of unauthorized modification or destruction of customer service information on overall agency mission functions or public confidence in the agency are limited. The more serious integrity impacts become increasingly likely as E-government initiatives progress. Typically, the unauthorized modification or destruction of information affecting external communications (e.g., web pages, electronic mail) will result in limited adverse affect on operations or public confidence in the agency and the damage to most missions would usually be limited. Special Factors Affecting Integrity Impact Determination: An increasing proportion of customer service activities are interactive. Consequently, there is a potential for customer actions being taken based on modified or incomplete information. Similarly, unauthorized modification or deletion of customer-supplied information can result in government mishandling of interactions with customers. If this occurs on a large-scale serious damage to public confidence in the agency may result. In such cases, a moderate integrity may be associated with customer service information. Recommended Integrity Impact Level: The provisional integrity impact level recommended for customer service information is low.
Availability Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to the customer service information. The effects of disruption of access to or use of customer service information can usually be In addition, customer service operations are not typically tolerant of delay. Even temporary loss of availability of customer service information is likely to disrupt customer operations. In most cases, disruption of access to customer service information can be expected to have only a limited adverse effect on agency operations, agency assets, or individuals. Special Factors Affecting Availability Impact Determination: While most outages will result in only limited adverse effects on government operations, repeated outages can have a serious adverse effect on public confidence in the agency. In such cases, the availability impact might be moderate. Recommended Availability Impact Level: The provisional availability impact level recommended for customer service information is low.