Fedramp system Security Plan (ssp) High Baseline Template


Assurance Level Impact Profile



Download 1.2 Mb.
Page470/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   466   467   468   469   470   471   472   473   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics
Assurance Level Impact Profile

Potential Impact Categories

1

2

3

Inconvenience, distress or damage to standing or reputation

Low

Mod

High

Financial loss or agency liability

Low

Mod

High

Harm to agency programs or public interests

N/A

Low/Mod

High

Unauthorized release of sensitive information

N/A

Low/Mod

High

Personal Safety

N/A

Low

Mod/High

Civil or criminal violations

N/A

Low/Mod

High


Digital Identity Level Selection


Instruction: Select the lowest level that will cover all potential impact identified from Table 15 -26. Potential Impacts for Assurance Levels.

Delete this instruction from your final version of this document.

The CSP Name has identified that they support the Digital Identity Level that has been selected for the as noted in Table 15 -27. Digital Identity Level. The selected Digital Identity Level indicated is supported for federal agency consumers of the cloud service offering. Implementation details of the Digital Identity mechanisms are provided in the System Security Plan under control IA-2.

Table 15‑27. Digital Identity Level


Digital Identity Level

Maximum Impact Profile

Selection

Level 1: AAL1, IAL1, FAL1

Low



Level 2: AAL2, IAL2, FAL2

Moderate



Level 3: AAL3, IAL3, FAL3

High



  1. PTA/PIA

This Attachment Section has been revised to include the PTA Template. Therefore, a separate PTA attachment is not needed. If any of the answers to Question 1-4 are “Yes” then complete a Privacy Impact Assessment Template and include it as an Attachment.

Delete this note and all other instructions from your final version of this document.

All Authorization Packages must include a Privacy Threshold Analysis (PTA) and if necessary, the Privacy Impact Assessment (PIA) attachment, which will be reviewed for quality.

The PTA is included in this section, and the PIA Template can be found on the following FedRAMP website page: Templates.

The PTA and PIA Template includes a summary of laws, regulations and guidance related to privacy issues in Error: Reference source not found.



Download 1.2 Mb.

Share with your friends:
1   ...   466   467   468   469   470   471   472   473   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page