C.2.7.3 - Proposal development
Proposal Development involves drafting proposed legislation that creates or amends laws subject to Congressional legislative action.
Subject to exception conditions described below, the recommended security categorization for the proposal development information type is as follows:
Security category
Confidentiality Moderate
The confidentiality impact level is the effect of unauthorized disclosure of proposal development information on the ability of responsible agencies to draft proposed legislation that creates or amends laws subject to Congressional legislative action. Legislation is normally in the public domain. However, the effects of loss of confidentiality of background information used in the development of proposed legislation or of early drafts of proposed legislation could result in attempts by competing interests to influence and/or impede a specific legislative process. The consequences to agency programs and of the ability of an agency to perform its mission can be very serious. Premature public release of proposed legislation before internal coordination and review has been conducted can result in unnecessary criticism of the proposed legislation and even damage public confidence in the agency. These consequences are particularly likely where the release includes unedited internal commentary and discussion. In general, unauthorized disclosure of much legislative proposal information, particularly in early phases of the process, is likely to result in serious harm to agency assets or operations. 40 Special Factors Affecting Confidentiality Impact Determination: Some proposal development information used by specific Federal agencies (e.g., homeland security, law enforcement, defense, intelligence community) is very sensitive or classified national security information. National security information is outside the scope of this guideline. The sensitivity level recommended for the very sensitive information is high. If the proposal development information is moved to the public domain, the confidentiality impact level becomes Not Applicable (NA). Recommended Confidentiality Impact Level: In order to accommodate event-driven consequences of unauthorized disclosure of pre-release drafts, the provisional confidentiality impact level recommended for proposal development information is moderate.
Integrity Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. Unauthorized modification or destruction of information affecting external publication of proposed legislation (e.g., web pages, electronic mail) might adversely affect inter-agency relationships, relations with Congress, or public confidence in the agency. However, damage to the mission would usually be limited. Recommended Integrity Impact Level: The provisional integrity impact level recommended for proposal development information is low.
Availability Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to the proposal development information. Proposal development processes are usually tolerant of delays. Special Factors Affecting Availability Impact Determination: Excessive recovery delays can result in damage to agency reputation and to interests associated with specific legislation. This can result in assignment of a moderate impact level to such information. Recommended Availability Impact Level: The provisional availability impact level recommended for proposal development information is low.