Information Asset Classification Questions Sample Clauses

Information Asset Classification Questions. Information assets are classified according to confidentiality, integrity, and availability. Each of these three principles of security is individually rated as low, moderate, or high. For example, an information asset may have a confidentiality level of “high”, an integrity level of “moderate”, and an availability level of “low” (i.e., HML). Below are the state-specified model questions. Unless otherwise indicated, the answers to each question must indicate the impact level (i.e., none or limited (low), serious (moderate) or severe or catastrophic (high). Confidentiality Questions Does the information include or contain PPSI (Personal, Private or Sensitive Information)? Y/N What impact does unauthorized access or disclosure of information have on health and safety? What is the financial impact of unauthorized access or disclosure of information? What impact does unauthorized access or disclosure of information have on NYSERDA’s mission? What impact does unauthorized access or disclosure of information have on the public trust? Is confidentiality mandated by law or regulation? If yes, determine the impact of unauthorized access or disclosure of information. Is the information intended for limited distribution? If yes, determine the impact of unauthorized access or disclosure of information. Is the information publicly available? Y/N If the answer to question 1 above is “Yes” or if any of the other answers are “severe or catastrophic”, the confidentiality rating is high. If the answer to question 1 above is “No” and if any of the other answers are “serious” but none are “severe or catastrophic”, the confidentiality rating is moderate. If the answer to question 1 above is “No” and if all of the other answers are “limited” or “none”, the confidentiality rating is low. Integrity Questions [1] Does the information include medical records? Y/N [2] Is the information (e.g., security logs) relied upon to make critical security decisions? Y/N [3] What impact does unauthorized modification or destruction of information have on health and safety? What is the financial impact of unauthorized modification or destruction of information? What impact does the unauthorized modification or destruction of information have on NYSERDA’s mission? What impact does unauthorized modification or destruction of information have on the public trust? Is integrity addressed by law or regulation? If yes, determine the impact of unauthorized modification or destruction of information. Is...
Sample 1
AutoNDA by SimpleDocs

Related to Information Asset Classification Questions

  • Client Classification 7.1. We shall not have an obligation to treat our clients in different classes depending on their knowledge and expertise.

  • Demographic, Classification and Wage Information XXXXXX agrees to coordinate the accumulation and distribution of demographic, classification and wage data, as specified in the Letter of Understanding dated December 14, 2011, to CUPE on behalf of Boards of Education. The data currently housed in the Employment Data and Analysis Systems (EDAS) will be the source of the requested information.

  • New Job Classifications 11.1 Whenever the Company determines it appropriate to create a new job classification in the bargaining unit, it shall proceed as follows.

  • NO EXCLUDED NATION OR TERRORIST ORGANIZATION CERTIFICATION As required by Chapter 2252 of the Texas Government Code the Contractor must certify that it is not a company engaged in active business operations with Sudan, Iran, or a foreign terrorist organization – specifically, any company identified on a list prepared and maintained by the Texas Comptroller under Texas Government Code §§806.051, 807.051, or 2252.153. (A company that the U.S. Government affirmatively declares to be excluded from its federal sanctions regime relating to Sudan, Iran, or any federal sanctions regime relating to a foreign terrorist organization is not subject to the contract prohibition.)

  • Sector Sub-Sector Industry Classification Level of Government Type of Obligation Description of Measure Source of Measure All sectors : : - : Central : National Treatment Senior Management and Board of Directors : National Treatment and the Senior Management and Board of Directors obligations shall not apply to any measure relating to small and medium sized domestic market enterprise2. Foreign equity is restricted to a maximum of 40% for domestic market enterprises with paid-in equity capital of less than the equivalent of USD 200,000 Note: Members of the Board of Directors or governing body of corporation or associations shall be allowed in proportion to their allowable participation or share in the capital of such enterprises. : -1987 Constitution of the Republic of the Philippines. - Foreign Investments Act of 1991 (R.A. No. 7042, as amended by R.A. No. 8179). -Presidential and Administrative Issuances. ∞ 2 The concept of a small and medium sized domestic market enterprise is an enterprise with paid in equity capital of less than the equivalent of USD 200,000.00.

  • Classification Changes When the University determines that a revision of a class specification for positions covered by this agreement is needed, and such revision affects the collective bargaining unit designation, the University shall notify AFSCME in writing of the proposed change. AFSCME shall notify the University, in writing, within fifteen (15) days of receipt of the proposed changes, of any comments it has concerning the proposed changes or of its desire to discuss the proposed changes.

  • Classification Review (a) An Employee who has reason to believe that they are improperly classified due to a substantial change in job duties, may apply to the Department Director, or designate, to have the Employee’s classification reviewed. The Director, or designate, will review the Employee’s application and advise the Employee of the Employer’s decision.

  • Classification Specifications The Employer agrees to supply the President of the Union or his/her designate with the classification specifications for those classifications in the Bargaining Unit.

  • Submission of Grievance Information a) Upon appointment of the arbitrator, the appealing party shall within five days after notice of appointment forward to the arbitrator, with a copy to the School Board, the submission of the grievance which shall include the following:

  • Confidential Nature of Personnel File All documents within an employee’s personnel file are considered to be confidential and shall remain within the sole jurisdiction and purview of the Employer and employee unless otherwise stipulated in this Agreement.

Time is Money Join Law Insider Premium to draft better contracts faster.