D.4.2 - Disaster preparedness and planning
Disaster preparedness and planning involves the development of response programs to be used in case of a disaster.
This involves the development of emergency management programs and activities as well as staffing and equipping regional response centers. The recommended provisional categorization of the disaster preparedness and planning information type follows:
Security category
Confidentiality Low
The confidentiality impact level is the effect of unauthorized disclosure of disaster preparedness and planning information on the ability of responsible agencies to develop response programs to be used in case of a disaster. This involves the development of emergency management programs and activities as well as staffing and equipping regional response centers. The consequences of unauthorized disclosure of most disaster preparedness and planning information would have, at most, a limited adverse effect on agency operations, agency assets, or individuals. Special Factors Affecting Confidentiality Impact Determination: The consequences of unauthorized disclosure of some disaster preparedness and planning information may include revealing weak or sensitive critical infrastructure characteristics or inadequate security of U.S. targets to terrorists or other adversaries. Such information may reveal to an enemy the most effective technique(s) to use in attacking a target, and/or information regarding the capabilities, intent, and plans of our adversaries. Where unauthorized disclosure of disaster preparedness and planning information associated with critical infrastructures, large groups of people, or key national assets is expected to be of direct use to terrorists, the confidentiality impact level is recommended to be high. Recommended Confidentiality Impact Level: The provisional confidentiality impact level recommended for most disaster preparedness and planning information is low.
Integrity Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. The consequences of unauthorized modification or destruction of disaster preparedness and planning information depend on whether the information is time-critical. Special Factors Affecting Integrity Impact Determination: Unauthorized modification or destruction of information affecting external communications (e.g., web pages, electronic mail) may adversely affect operations and/or public confidence in the agency, but the damage to the mission will usually be limited. The consequences of unauthorized modification or destruction of information can be very serious or catastrophic if the data is time-critical operational information. In such cases, the impact level assigned would be moderate or high. Recommended Integrity Impact Level: The provisional integrity impact level recommended for most disaster preparedness and planning information is low.
Availability Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to re-establish access to disaster preparedness and planning information. Generally, missions supported by disaster preparedness and planning information are not reliably tolerant of delays. Special Factors Affecting Availability Impact Determination: If emergency responders and those responsible for repair and restoration activities are unable to access preparedness and planning information in the event of an actual emergency the consequences may include confusion and delays. In such cases, the availability impact level can be moderate or high. Recommended Availability Impact Level: The provisional availability impact level recommended for disaster preparedness and planning information is low.