Supports the operations of the organizational centralized property management entity(s). The overall accountability rating for this information classification is Low.
Confidentiality level = Low
The confidentiality impact level is the effect of unauthorized disclosure of central property management information on the ability of the organization to acquire, provide, and centrally administer offices buildings, fleets, machinery, and other capital assets and consumable supplies used by the organization. The consequences of unauthorized disclosure of most central property management information are likely to have only a limited adverse effect on organizational operations, organizational assets, or individuals.
Known mitigating factors toward changing the confidentiality level
Unauthorized disclosure of information associated with very large procurements can result in fraud, waste, abuse, and/or legal proceedings that can have a serious to severe effect on organizational assets and operations. Also, information associated with acquisition, maintenance, administration, and operation of many organizational office buildings, transportation fleets, and operational facilities can be of material use to criminals seeking to gain access to organizational facilities to facilitate or perpetrate fraud, theft, or some other criminal enterprise. In this case, unauthorized disclosure of information can have a serious adverse effect on organizational operations, organizational assets, or individuals. The consequent confidentiality impact would be at least moderate. Information associated with maintenance, administration, and operation of other organizational facilities can be of material use to terrorists seeking to penetrate and/or commandeer such facilities as part of operations intended to harm critical infrastructures, key organizational assets, or people. Examples of more potentially damaging information include architectural, maintenance and administrative information that might permit either covert pedestrian or unimpeded vehicular access to organizational buildings. In such cases, the confidentiality impact level may be high.
Integrity level = Low
The integrity impact level is based on the specific mission and the data supporting that mission, not on the time required to detect the modification or destruction of information. In addition, the consequences of unauthorized modification or destruction of central property management information usually depends on the urgency with which the information is needed or the immediacy with which the information is used. In most cases, it is unlikely that the information will be time-critical or acted upon immediately. Unauthorized modification or destruction of information affecting external publication of central property management information (e.g., web pages, electronic mail) may adversely affect public confidence in the organization. However, damage to the mission would usually be limited.
Availability level = Low
The availability impact level is based on the specific mission and the data supporting that mission, not on the time required to reestablish access to the central property management information. The functions supported by most central property management information are tolerant of delays. Typically, the disruption of access to central property management information will have a limited adverse effect on organizational operations (including mission functions and public confidence in the organization), organizational assets, or individuals.
Known mitigating factors toward changing the availability level
Exceptions may include emergency response aspects of disaster management. In such cases, delays measured in hours can cost lives and major property damage. Consequently, the availability impact level associated with unauthorized modification or destruction of central property management information needed to respond to emergencies may be high.