C.2.8.12 - General information
An additional management and support sub-function information type has been defined to address General Information as a catch-all information type that may not be defined by the FEA BRM.
As such, agencies may find it necessary to identify additional information types not defined in the BRM and assign impact levels to those types. Agency personnel may uniquely identify information types using a FIPS 199 process to identify information not contained neatly in the FEA BRM. Not all of these information types are likely to have the same impact levels. The impacts to some information types will jeopardize system functionality and the agency mission more than other information types. General Information impact levels must be assessed in the context of the agencies mission.
Security category
Confidentiality Low
The confidentiality impact level is based on the effects of unauthorized disclosure of representative general information on the ability of the agency to accomplish its mission. Recommended Confidentiality Impact Level: The provisional confidentiality impact level recommended for general information is low.
Integrity Low
The integrity impact level is based on the specific use of the general information and not on the time required to detect the modification or destruction of information. Recommended Integrity Impact Level: The provisional integrity impact level recommended for general information is low.
Availability Low
The availability impact level is based on the specific use of the general information and not on the time required to re-establish access to the general information. Recommended Availability Impact Level: The provisional availability impact level recommended for general information is low.