C.2.8.4 - Central property management
Central Property Management involves most of the operations of the General Services Administration.
The following recommended provisional security categorization of central property management information is particularly subject to change where critical infrastructure elements or key national assets are involved:
Security category
Confidentiality Low
The confidentiality impact level is the effect of unauthorized disclosure of central property management information on the ability of the General Services Administration to acquire, provide, and centrally administer offices buildings, fleets, machinery, and other capital assets and consumable supplies used by the Federal government. The consequences of unauthorized disclosure of most central property management information are likely to have only a limited adverse effect on agency operations, agency assets, or individuals. Special Factors Affecting Confidentiality Impact Determination: Unauthorized disclosure of information associated with very large procurements can result in fraud, waste, abuse, and/or legal proceedings that can have a serious to severe effect on Federal government assets and operations. Also, information associated with acquisition, maintenance, administration, and operation of many Federal government office buildings, transportation fleets, and operational facilities can be of material use to criminals seeking to gain access to Federal facilities to facilitate or perpetrate fraud, theft, or some other criminal enterprise. In this case, unauthorized disclosure of information can have a serious adverse effect on agency operations, agency assets, or individuals. The consequent confidentiality impact would be at least moderate. Information associated with maintenance, administration, and operation of other Federal government facilities can be of material use to terrorists seeking to penetrate and/or commandeer such facilities as part of operations intended to harm critical infrastructures, key national assets, or people. Examples of more potentially damaging information include architectural, maintenance and administrative information that might permit either covert pedestrian or unimpeded vehicular access to government buildings (e.g., Congressional office buildings, FBI Headquarters, the National Archives, Smithsonian Institution buildings, dams, nuclear power plants, etc.). In such cases, the confidentiality impact level may be high. [Some information is classified as national security and is outside the scope of this guideline.] Anticipated or realized unauthorized disclosure of one agency's central property management information by GSA could result in negative impacts on cross-jurisdictional coordination within the central property management infrastructure and the general effectiveness of organizations tasked with acquiring and managing government facilities and supplies. Recommended Confidentiality Impact Level: The provisional confidentiality impact level recommended for central property management information is low.
Integrity Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. In addition, the consequences of unauthorized modification or destruction of central property management information usually depends on the urgency with which the information is needed or the immediacy with which the information is used. In most cases, it is unlikely that the information will be time-critical or acted upon immediately. Unauthorized modification or destruction of information affecting external publication of central property management information (e.g., web pages, electronic mail) may adversely affect public confidence in the agency. However, damage to the mission would usually be limited. Recommended Integrity Impact Level: The provisional integrity impact level recommended for central property management information is low.
Availability Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to the central property management information. The functions supported by most central property management information are tolerant of delays. Typically, the disruption of access to central property management information will have a limited adverse effect on agency operations (including mission functions and public confidence in the agency), agency assets, or individuals. Special Factors Affecting Availability Impact Determination: Exceptions may include emergency response aspects of disaster management. In such cases, delays measured in hours can cost lives and major property damage. Consequently, the availability impact level associated with unauthorized modification or destruction of central property management information needed to respond to emergencies may be high. Recommended Availability Impact Level: The provisional availability impact level recommended for central property management information is low.