C.2.8.7 - Central records and statistics management
Central Records and Statistics Management involves the operations surrounding the management of official documents, statistics, and records for the entire Federal Government.
This information type is intended to include information and information systems associated with the management of records and statistics for the Federal government as a whole, such as the records management performed by NARA or the statistics and data collection performed by the Bureau of the Census. Note: Many agencies perform records and statistics management for a particular business function and as such should be mapped to the service support, management, or mission area associated with that business function. The central records and statistics management information type is intended for functions performed on behalf of the entire Federal government. The recommended security categorization for the central records and statistics management information type is as follows:
Security category
Confidentiality Moderate
The confidentiality impact level is the effect of unauthorized disclosure of central records and statistics management information on the ability of responsible agencies to manage official documents, statistics, and records for the entire Federal Government. Unauthorized disclosure of raw data and other source information for central records and statistics management operations is likely to violate the Privacy Act of 1974 and other regulations applicable to the dissemination of personal and government information. (The provisional impact levels for personnel information are documented in the Personal Identity and Authentication, Income, Representative Payee, and Entitlement Event information types.) 50 Special Factors Affecting Confidentiality Impact Determination: Unauthorized disclosure of some centrally managed records can pose a threat to human life or a loss of major assets. In such cases, the confidentiality impact is high. Recommended Confidentiality Impact Level: The provisional confidentiality impact level recommended for central records and statistics management information is moderate.
Integrity Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. In addition, the consequences of unauthorized modification or destruction of central records and statistics management information may depend on the urgency with which the information is needed or the immediacy with which the information is used. In most cases, it is unlikely that the information will be time-critical or acted upon immediately. Recommended Integrity Impact Level: The provisional integrity impact level recommended for central records and statistics management information is low.
Availability Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to the central records and statistics management information. Central records and statistics management processes are generally tolerant of reasonable delays. Generally, disruption of access to central records and statistics management information can be expected to have only a limited adverse effect on agency operations, agency assets, or individuals. Recommended Availability Impact Level: The provisional availability impact level recommended for central records and statistics management information is low.