Supports the management of a service center to respond to organizational employees' technical and administrative questions. The overall accountability rating for this information classification is Low.
Confidentiality level = Low
The confidentiality impact level is the effect of unauthorized disclosure of help desk service information on the ability of responsible entities to manage of service center responses to organizational employees' technical and administrative questions. The consequences of unauthorized disclosure of most help desk service information are likely to have only a limited adverse effect on organizational operations, organizational assets, or individuals.
Known mitigating factors toward changing the confidentiality level
Information associated with service center responses can provide useful information to adversaries seeking to penetrate organizational systems. If the contents or functions of a system have sufficient sensitivity and/or criticality, a moderate or high impact level may be considered for help desk information.
Integrity level = Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. In addition, the consequences of unauthorized modification to or destruction of help desk service information usually depends on the urgency with which the information is needed or the immediacy with which the information is used. In most cases, it is unlikely that the information will be time-critical or acted upon immediately.
Known mitigating factors toward changing the integrity level
In relatively few cases would the consequences of unauthorized modification of help desk information that is acted upon immediately result in more than limited damage to organizational operations or assets. Exceptions may include bogus information regarding operation of communications processors, data base systems, or other systems necessary to emergency response aspects of disaster management, criminal apprehension, air traffic control or other time-critical missions. In such cases, a moderate or high integrity impact level might be considered for unauthorized modification or destruction of help desk service information.
Availability level = Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to reestablish access to help desk service information. Typically, disruption of access to help desk service information will have a limited adverse effect on organizational operations (including mission functions and public confidence in the organization), organizational assets, or individuals.
Known mitigating factors toward changing the availability level
Exceptions may include emergency response components of disaster management or other time-critical functions (e.g., some systems that support air traffic control functions). Consequently, the availability impact level associated with unauthorized modification or destruction of help desk service information needed to respond to emergencies can be high.