C.3.2.2 - Reporting and information
Reporting and Information includes providing financial information, reporting and analysis of financial transactions.
Financial reporting includes the activities necessary to support: management's fiduciary role; budget formulation and execution functions; fiscal management of program delivery and program decision making; and internal and external reporting requirements. The recommended security categorization for the 'financial reporting and information' information type is as follows:
Security category
Confidentiality Low
The confidentiality impact level is the effect of unauthorized disclosure of financial reporting information on an agency's ability to provide financial information and reporting and analysis of financial transactions. Typically, the unauthorized disclosure of financial reporting information will have only a limited adverse effect on agency operations, assets, or individuals. Special Factors Affecting Confidentiality Impact Determination: Unauthorized disclosure of financial reporting information for programs that process high-impact information can give adversaries damaging insights into details of agency plans, priorities, and operations. In relatively rare cases, actions taken based on unauthorized disclosure of financial reporting details pose a threat to human life or a loss of major assets, so the confidentiality impact is high. Recommended Confidentiality Impact Level: The provisional confidentiality impact level recommended for reporting and information is low.
Integrity Moderate
The integrity impact level is based on the specific mission and the data supporting that mission,
Availability Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to the assets and liability management information. Financial reporting processes are generally tolerant of delay. Typically, disruption of access to financial reporting information can be expected to have only a limited adverse effect on agency operations, agency assets, or individuals. Recommended Availability Impact Level: The provisional availability impact recommended for reporting and information is low.