Supports accounting for assets, liabilities, fund balances, revenues and expenses associated with the maintenance of organizational funds and expenditure of organizational appropriations (Salaries and Expenses, Operation and Maintenance, Procurement, Working Capital, Trust Funds, etc.), in accordance with applicable organizational standards. The overall accountability rating for this information classification is Low.
Confidentiality level = Low
The confidentiality impact level is the effect of unauthorized disclosure of accounting information on the abilities of organizational entities to maintain organizational funds and expenditure of organizational appropriations in accordance with applicable organizational standards. Unauthorized disclosure of accounting information for programs that process classified or high-impact information can give adversaries damaging insights into details of organizational plans, priorities, and operations. In most cases, unauthorized disclosure of accounting information will have only a limited adverse effect on organizational operations, assets, or individuals. (Trade secret program and systems are outside the scope of this guideline.)
Known mitigating factors toward changing the confidentiality level
In relatively rare cases, actions taken based on unauthorized disclosure of accounting details can pose a threat to human life or a loss of major assets, so the confidentiality impact would be high. In some cases, unauthorized disclosure of accounting information can violate proprietary information or other nondisclosure agreements. In such cases, the organization may suffer not only a loss of public confidence, but may become vulnerable to legal actions. Where sensitive or proprietary information is involved, the impact of unauthorized disclosure is likely to be moderate. Where the accounting information is involved in an audit associated with suspected fraud or other criminal activities, the investigation may be imperiled. Here too, the impact of unauthorized disclosure is likely to be moderate.
Integrity level = Moderate
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. Accounting activities are not generally time-critical. An accumulation of small changes to data or deletion of small entries can result in cost overruns and other cases of excessive obligations or disbursements. In most cases, the adverse effects of consequent negative publicity and institution of corrective action programs on mission functions and public confidence in the organization can be serious.
Known mitigating factors toward changing the integrity level
In some cases, undetected integrity compromises can be extremely expensive to the organization and its employees in terms of both monetary losses and loss of reputation.
Availability level = Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to reestablish access to the accounting information. Accounting processes are generally tolerant of delay. Typically, disruption of access to accounting information can be expected to have only a limited adverse effect on organizational operations, organizational assets, or individuals.