• Say What You Do Products
• Change Management
• Information Assurance Compliance Maturity Model Index (IACMMI)
• The Language of Compliance
• Systems and Info Classification
• Administrative Management
• Workplace Policy Development and Management
• Facilities, Fleet, and Equipment Management
• Travel
• Help Desk Services
• Physical Security Management
• Compliance Development and Enforcement
• Standards Setting/Reporting Guideline Development
• Policies, Standards, and Procedures Publication
• Policy and Guidance Development
• Public Comment Tracking
• Regulatory Creation
• Inspections and Auditing
• Controls and Oversight
• Program Evaluation
• Corrective Action
• Program Monitoring
• Credit and Insurance
• General Insurance
• Loan Guarantees
• Direct Loans
• Education
• Higher Education
• Elementary, Secondary, and Vocational Education
• Financial Management
• Budget & Finance
• Financial Reporting Information
• Asset & Liability Management
• Accounting
• Payments
• Unemployment Compensation
• Collections and Receivables
• General Retirement and Disability Program Management
• General Organizational Support
• Taxation management (governmental agencies)
• Centralized Fiscal Operations
• Legal Functions
• Records and Statistics Management
• Centralized Personnel Management
• Property Management
• General Executive Functions
• Staff Income Information
• Benefits Entitlement Event Information
• Representative Payee Information
• Strategic Executive Functions
• Personal Identity and Authentication
• Goods and Services Creation and Management
• Facilities and Infrastructure Management
• Goods and Services Production
• Construction
• Healthcare
• Health Care Services
• Consumer Health and Safety
• Human Resources
• Personnel Management
• Security Clearance Management
• Benefits Management
• Worker Safety
• Labor Rights Management
• Staff Recruitment and Employment
• Payroll Management and Expense Reimbursement
• Resource Training and Development
• Information & Technology Management
• System Development
• Information Management
• Record Retention
• IT Security
• IT Infrastructure Maintenance
• System Maintenance
• Lifecycle/Change Management
• Internal Risk Management and Mitigation
• Disaster Preparedness and Planning
• Contingency Planning
• Continuity of Operations
• Service Recovery
• Emergency Response
• Law Enforcement
• Criminal Apprehension
• Criminal Investigation and Surveillance
• Citizen Protection
• Property Protection
• Crime Prevention
• Legal, Litigation, and Judicial
• Judicial Hearings
• Legal Defense
• Legal Investigation
• Legal Litigation
• Resolution Facilitation
• Permits and Licensing
• Planning and Resource Allocation
• Strategic Planning
• Enterprise Architecture
• Budget Formulation
• Capital Planning
• Budget Execution
• Workforce Planning
• Management Improvement
• Research Operations
• Public Affairs
• Customer Services
• Official Information Dissemination
• Public Relations
• Product Outreach
• Revenue Collection
• Debt Collection
• Staff Fee Collection
• Organizational Asset Sales
• Supply Chain Management
• Inventory Control
• Logistics Management
• Goods Acquisition
• Services Acquisition
• Advising and Consulting
• Knowledge Dissemination
• Third Party Relations
• Third Party Program Project Information
• Third Party Liaison
• Third Party Program Proposal Development
• Third Party Program Tracking

Supports the creation and dissemination of guidelines to assist in the interpretation and implementation of regulations. The overall accountability rating for this information classification is Low.

Confidentiality level = Low

The confidentiality impact level is the effect of unauthorized disclosure of policy and guidance information on the ability of responsible entities to create and disseminate guidelines to assist in the interpretation and implementation of regulations. The confidentiality impact of policy and guidance information is largely event-driven. Once a policy or guidance statement has been promulgated, most policy and guidance information is in the intranet domain. However, premature unauthorized disclosure of candidate policy and guidance material can result in disruption of the policy development process.

Known mitigating factors toward changing the confidentiality level

The effects of loss of confidentiality of guidelines during the formative stage can result in attempts by affected entities and other interested parties to influence and/or impede the policy and guideline development process. Premature release of formative policies and guidelines before internal coordination and review can result in unnecessary damage to internal confidence in the organization. This is particularly likely where the release includes unedited internal commentary and discussion. Delays can impair an entity's mission, but loss of internal confidence can do serious and persistent harm to an organization's ability to effectively perform its mission. In such cases, the provisional confidentiality impact level recommended for policy and guidance development information is moderate.

Integrity level = Low

The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information.

Known mitigating factors toward changing the integrity level

Some policy and guidance information is time-critical. Unauthorized modification or destruction of information affecting external communications that contain policy and guidance development information (e.g., web pages, electronic mail) may adversely affect operations or internal confidence in the entity, but the damage to the mission would usually be limited.

Availability level = Low

The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to reestablish access to the policy and guidance development information. Though some policy and guidance information is time-critical, the policy and guidance development process is usually tolerant of delays.