ࡱ>  13./06aceo@ bjbjFF ZJ,,$2F2F2FPFlGt{nL:Q(bQbQbQ=RWY$Rݕr4`=R=R``4bQbQ5ddd`bQbQd`dd|}bQbL Ct82F1`F|~<K0{|Ow`TO,}}O}Ze\:d]^ZZZ44 D${d STATE OF MICHIGAN  EMBED MSPhotoEd.3   FORMTEXT Department of Agency  FORMTEXT Title of Application Information Technology Project Security Plan & Assessment Prepared by: FORMTEXT       Date  FORMTEXT       Initiation & PlanningRequirements DefinitionFunctional DesignSystem DesignConstructionTestingImplementationOperations/ MaintenanceDisposalLifecycle Stage FORMCHECKBOX  FORMCHECKBOX  FORMCHECKBOX  FORMCHECKBOX  FORMCHECKBOX  FORMCHECKBOX  FORMCHECKBOX  FORMCHECKBOX  FORMCHECKBOX  OES USE ONLYCIATotal Score FORMTEXT       FORMTEXT       FORMTEXT       FORMTEXT        Table of Contents  TOC \o "1-2" \h \z \u  HYPERLINK \l "_Toc166915653" 1.0 Introduction  PAGEREF _Toc166915653 \h 3  HYPERLINK \l "_Toc166915654" 2.0 Purpose  PAGEREF _Toc166915654 \h 4  HYPERLINK \l "_Toc166915655" 3.0 Initiation and Planning Stage  PAGEREF _Toc166915655 \h 4  HYPERLINK \l "_Toc166915656" 3.1 Security Plan  PAGEREF _Toc166915656 \h 4  HYPERLINK \l "_Toc166915657" 3.2 MDIT security policies, standards & procedures  PAGEREF _Toc166915657 \h 4  HYPERLINK \l "_Toc166915658" 3.3 Agency security policies, standards & procedures  PAGEREF _Toc166915658 \h 4  HYPERLINK \l "_Toc166915659" 3.4 Data classification  PAGEREF _Toc166915659 \h 4  HYPERLINK \l "_Toc166915660" 3.5 System criticality  PAGEREF _Toc166915660 \h 5  HYPERLINK \l "_Toc166915661" 4.0 Security Requirements/Recommendations Stage  PAGEREF _Toc166915661 \h 6  HYPERLINK \l "_Toc166915662" 5.0 Functional Design Stage  PAGEREF _Toc166915662 \h 12  HYPERLINK \l "_Toc166915663" 5.1 Describe the function of the system/application  PAGEREF _Toc166915663 \h 12  HYPERLINK \l "_Toc166915664" 5.2 Describe each applications function and the information processed  PAGEREF _Toc166915664 \h 12  HYPERLINK \l "_Toc166915665" 5.3 Other Systems or Applications serviced by this hardware  PAGEREF _Toc166915665 \h 12  HYPERLINK \l "_Toc166915666" 5.4 Hardware/software this system/application will be utilizing  PAGEREF _Toc166915666 \h 12  HYPERLINK \l "_Toc166915667" 5.5 Proposed security controls  PAGEREF _Toc166915667 \h 12  HYPERLINK \l "_Toc166915668" 5.6 Infrastructure/Network Diagram  PAGEREF _Toc166915668 \h 14  HYPERLINK \l "_Toc166915669" 5.7 Data Flow Diagram  PAGEREF _Toc166915669 \h 16  HYPERLINK \l "_Toc166915670" 6.0 System Design  PAGEREF _Toc166915670 \h 18  HYPERLINK \l "_Toc166915671" 6.1 Infrastructure/Network Diagram  PAGEREF _Toc166915671 \h 18  HYPERLINK \l "_Toc166915672" 6.2 Data Flow Diagram  PAGEREF _Toc166915672 \h 20  HYPERLINK \l "_Toc166915673" 7.0 Construction  PAGEREF _Toc166915673 \h 22  HYPERLINK \l "_Toc166915674" 8.0 Testing  PAGEREF _Toc166915674 \h 22  HYPERLINK \l "_Toc166915675" 9.0 Implementation  PAGEREF _Toc166915675 \h 22  HYPERLINK \l "_Toc166915676" 9.1 Security Analysis  PAGEREF _Toc166915676 \h 23  HYPERLINK \l "_Toc166915677" 9.2 Approvals  PAGEREF _Toc166915677 \h 32  HYPERLINK \l "_Toc166915678" Appendix A: System Security Level Matrix  PAGEREF _Toc166915678 \h 33  1.0 Introduction Including security early in the life cycle of a project will usually result in less expensive and more effective security than adding it to an operational system. This document presents a guide for incorporating security into the Systems Engineering Methodology (SEM) of the State Unified Information Technology Environment (SUITE) Model. This document will help agencies select and acquire cost-effective security controls by explaining how to include information system security requirements within the appropriate stages of the SEM. SEM includes the following stages: Initiation & Planning, Requirements Definition, Functional Design, System Design, Construction, Technical Testing, and Implementation. Each of these stages identifies minimum security needed to effectively incorporate security into a system during its development. This document serves as documentation of the structured process of planning adequate, cost-effective security protection for a system. This document contains detailed technical information about the system, its security requirements, and the controls implemented to provide protection against its risks and vulnerabilities. This document, at a minimum, is marked, and should be handled and controlled as a sensitive document. This document is submitted to obtain a formal security sign off from the sponsors. The lack of sign off may prevent the security elements of this project from proceeding to production. I ___________________________________ will assist ___________________________________ (Name) Project Manager (Name) OES Liaison in completing the Information Technology Project Security Plan & Assessment as we advance through each phase of the Systems Engineering Methodology (SEM). 2.0 Purpose This section communicates the purpose of the project, including the business problem to be solved. 3.0 Initiation and Planning Stage This is the first stage in the lifecycle of the project. This stage involves the discovery of a need for a new system or enhancements to an existing system. 3.1 Security Plan The purpose of the security plan is to provide a basic overview of the security and privacy requirements of the system and the agencys plan for meeting those requirements. If a security plan does not exist, one needs to be created. 3.2 MDIT security policies, standards & procedures 3.3 Agency security policies, standards & procedures 3.4 Data classification 3.5 System Criticality The System Security Level Matrix (see Appendix A) is used to determine the system criticality of your application and the interconnectivity of other systems used by your application and the appropriate security controls that need to be implemented for your application. Category Application/Data Systems*Overall Security LevelConfidentiality Integrity Availability  Based on the System Security Level Matrix, the overall security level categorization of your application system has been rated a ___ level in regards to Confidentiality, Integrity, and Availability risk. * This rating is based on the most sensitive information. 4.0 Security Requirements/Recommendations Stage The primary goal of this stage is to develop the security requirements for the project. These security requirements become the initial baseline for product design and a reference for determining whether the completed product performs as the system owner requested and expected. All system requirements, (e.g., software, hardware, performance, functional, infrastructure, etc.) should be included. Security ClassificationLowModerateHighAccess Control% Access Control Policy & Procedure documented, reviewed and updated % Comply with MDIT and Agency policies and procedures % A unique user ID and password is required for access % Tighten default settings to prevent unauthorized access % Disable inactive accounts % Terminate temporary and emergency accounts % Firewall rules, Access Control Lists % The system automatically locks an account until released by an administrator when five unsuccessful attempts is exceeded % Remote Server Access is authenticated using 2-factors and/or VPNAll Low plus the following: % Management of accounts % Automatically terminate temporary and emergency accounts % Automatically disable inactive accounts % Role based access controls must be applied to databases, applications, or computer hosts that contain protected information. % Access is deleted no later than day-end of the user s last day if the separation is friendly, or immediately if the separation is unfriendly % Separation of Duties through assigned access authorizations % Least Privilege  Access restrictive set of rights/privileges or accesses needed % Ensure that access to security functions (hardware, software, and firmware) and information is restricted to authorized personnel % Review audit records (e.g., user activity logs) on a regular basis % Authentication and encryption is used to protect wireless access % Mobile devices are scanned for malicious code, updated virus protection software, scan for critical software updates and patches All Low and Moderate plus the following: % Auditing of account creation, modification, disabling and termination % Review audit records (e.g., user activity logs) on a daily basis % Removable hard drives or cryptography to protect information residing on portable and mobile devices  Data Classification & Protection% Access Control Policy & Procedure % Least Privilege % Separation of Duties % Comply with Federal and State Laws and Requirements & MDIT and Agency policies and procedures % Security Disclosure and Acceptable Use Agreements signed, maintained and reviewed on a yearly basis % Contingency/DR Plan documented, tested, implemented and reviewed All Low plus the following: All Low and Moderate plus the following: % Transmitted minimum 128-bit encryption % Stored minimum 128-bit encryption Identification & Authentication% Authentication of a user s identity is accomplished through the use of passwords, tokens, biometrics % Authentication information (e.g., password or PIN) must never be disclosed to another user or shared among users.All Low % Identify and authenticate devices (e.g., MAC, TCP/IP, etc.)All Low & Moderate plus the following: % Authentication of a user s identity is accomplished through the use of passwords, tokens, biometrics, or multifactor authenticationConfiguration/Change Management% Define the mechanism by which changes to applications, network, infrastructure or other IT components are planned, communicated, and coordinated % Access authorization and access provisioning, for a given User, must be performed by separate individuals % Access provisioning and access provision monitoring, for a given system or application, must be performed by separate individuals % Access provision monitoring and installation/support of logical access control products, for a given system or application, must be performed by separate individuals % Access provisioning and application usage, for a given business application, should be performed by separate individuals % Whenever applicable, changes should be tested within a testing environment prior to productionAll LowAll Low & ModeratePasswords% Comply with MDIT and Agency policies and procedures % Never share % Never displayed % Passwords stored encrypted % Do not use passwords easily guessable All LowAll Low & ModerateMedia Protection% Comply with MDIT and Agency policies and procedures % Agency ensures that only authorized users have access to information in any media, print or digital % Only authorized users have access to information in any media, print or digital All Low plus the following: % Media is sanitized and disposed of based on MDIT and Agency policies and procedures % Track, document and verify media destruction and disposal actions % Paper and digital media is stored in a secure storage area and audit of access attempts and access granted is documented % Agency restricts the pickup, receipt, transfer, and delivery of media to authorized personnel All Low and Moderate plus the following: % Digital media stored at a minimum of 128-bit encryptionSecurity Awareness & Training% A documented security awareness and training policy and procedure developed and distributed to all employees % All employees have a signed security agreement in their personnel file upon hire and renewed yearly % Background check upon hire and security exit interview upon termination (retire, transfers, terminations, etc.) % Acceptable Use Policy % Document and monitor individual security training activities % Awareness, training, and education curriculum material are reviewed annually and updated as appropriateAll Low plus the following: % Information disclosure and confidentiality statements, are posted throughout the facility All Low and ModerateAudit & Accountability% A documented audit and accountability policy % Audit record should contain: data and time of the event, subject identity, type of event, how data changed, where the event occurred, and the outcome of the event All Low plus the following: % Audit record should be reviewed on a regular basis % Audit logs are stored All Low & Moderate plus the following: % Audit record should be reviewed on a daily basis Vendor, contractor & third party% Adherence to MDIT and Agency security policies % Security Agreements signed, maintained and reviewed yearly % Remote Access must be secured through the use of VPN, authentication, and access control lists % Monitor and audit contractor activities % Contractor software and equipment installed and configured to operate securely; virus protection and other SOM security procedures % Eliminate physical and electronic access on the same day the contract endsAll Low plus the following: % No self-assessment % Required to implement controls that meet or exceed the State of Michigan s established security controls. % Must provide the State with identified or established vendor policies or a third party independent audit (e.g.: SAS70) and/or certification of their hosting facility to verify identified or established policies are in place to protect the State s confidential and sensitive data.All Low & ModerateIncident Response% Documented and implemented Incident Response Policy & Procedure % Incident handling form for consistent, repeatable process when dealing with incidents All Low plus the following: % Personnel trained in their incident response roles and responsibilities at least annually % Incident response testing at least annuallyAll Low & ModerateContinuity Plan% Develop and implement a continuity plan that addresses roles & responsibilities, assigned individuals with contact information, and activities associated with restoring the system after a disruption or failure % Update contingency plan at least annually % Backups of user-level and system-level information if stored at appropriately secured locationAll Low plus the following: % Train personnel in their contingency roles and responsibilities with respect to the information system and provides refresher training yearly % Test the contingency plan at least annually % Alternate storage site is geographically separated from the primary storage site % Backups are tested to ensure media reliability and information integrityAll Low and Moderate plus the following: % Incorporate simulated event to facilitate effective response by personnel in crisis situations % Test the contingency plan at alternate site % The alternate storage site is configured to facilitate timely and effective recovery operations % Backup copies of the operating system and other critical information system software are stored in a separate facility or in a fire-rated container % Full recovery and reconstitution of the information system as part of contingency plan testingInfrastructure/Network% Virus protection mechanisms % Virus protection mechanisms updated whenever new releases are available % Monitor events, detect attacks, and provide identification of unauthorized use of the system % All publicly available host resources shall be placed in the DMZ % All servers must pass a vulnerability scan % Defined firewall rules prohibiting access and restricting trafficAll Low plus the following: % Hosted in Zone 2 Trusted environment % All servers must have standardized security logging enabled All Low and Moderate plus the following: % Hosted in Zone 3 protected environment 5.0 Functional Design Stage During this stage, the overall structure of the product is defined from a functional viewpoint. The functional design describes the logical system flow, data organization, system inputs and outputs, processing rules, and operational characteristics of the product from the users point of view. 5.1 Describe the function of the system/application and the information processed 5.2 Describe each applications function and the information processed 5.3 Other Systems or Applications serviced by this hardware 5.4 Hardware/software this system/application will be utilizing 5.5 Proposed security controls Describe the security controls being implemented for the protection of the Agency assets. Below is a list of security controls that can be utilized to secure Agency assets. This is not an all inclusive list of controls. Access Control: limiting information system access to authorized users or devices. Audit & Accountability: creating, protecting, and retaining information system audit records that are needed for the monitoring, analysis, investigation, and reporting of unlawful, unauthorized or inappropriate information system activity, and ensuring that the actions of individual users can be traced so that the individual users can be held accountable for their actions. Awareness & Training: ensuring that managers and users of information systems are made aware of the security risks associated with their activities and of applicable laws, policies, and procedures related to security, and ensuring that personnel are trained to carry out their assigned information security-related duties. Configuration/Change Management: enforcing security configuration settings for products, monitoring and controlling changes to baseline configurations and to components of systems throughout their system development life cycles. Contingency Planning/Disaster Recovery: Establishing and implementing plans for emergency response, backup operations, disaster recovery of information systems and business continuity plan. Data Classification & Protection: Classify data. Protecting data generated, accessed, transmitted and stored. Including but not limited to mobile devices, CDs, DVD, etc. Identification & Authentication: Identifying and authenticating the identities of users, processes, or devices that require access to information systems. Incident Response: Operational incident handling capabilities for information systems, and tracking, documenting, and reporting incidents to appropriate officials. Maintenance: Periodic and timely maintenance of systems, and providing effective controls on the tools, techniques, mechanisms, and personnel that perform system maintenance. Media Protection: Protecting information in printed form or on digital media, limiting access to information to authorized users, and sanitizing or destroying digital media before disposal or reuse. Personnel Security: Ensuring that information and information systems are protected during personnel actions, and employing formal sanctions for personnel failing to comply with security policies and procedures. Physical & Environmental Protection: limiting physical access to systems and to equipment to authorized individuals. Planning: developing, documenting, updating, and implementing security plans for systems. System and Communication Protection: monitoring, controlling and protecting communications of information systems. System and Information Integrity: Identifying, reporting, and correcting information and system flaws in a timely manner, providing protection from malicious code, and monitoring system security alerts and advisories. 5.6 Infrastructure/Network Diagram (new or existing) The network diagram depicts the way that the signals act on the network media, on the way that the data passes through the network from one device to the next without regard to the physical interconnections of the devices. Furnish network diagram detailing infrastructure features Include: Specify name and location of the system/application Servers/IP Addresses Services Firewalls Load Balances Protocols Communication port numbers SAN/NAS See sample infrastructure/network diagram next page:  5.7 Data Flow Diagram (new or existing) Describe data process flow of the application from system input to system output. - Furnish diagram - Describe interface and how it is accomplished - Identify data flow - Type of data - Direction of flow See sample data flow diagram next page  6.0 System Design The goal of this stage is to refine the functional design to make it necessary to execute the Construction and Implementation Stages. 6.1 Infrastructure/Network Diagram The network diagram depicts the way that the signals act on the network media, on the way that the data passes through the network from one device to the next without regard to the physical interconnections of the devices. Furnish network diagram detailing infrastructure features Include: Specify name and location of the system/application Servers/IP Addresses Services Firewalls Load Balances Protocols Communication port numbers SAN/NAS See sample infrastructure/network diagram next page:  6.2 Data Flow Diagram Describe data process flow of the application from system input to system output. - Furnish diagram - Describe interface and how it is accomplished - Identify data flow - Type of data - Direction of flow See sample data flow diagram next page  7.0 Construction In this stage, confirmation that sensitive data or data under conversion is handled and protected correctly based on classification. 8.0 Testing In this stage, security controls are tested to determine whether the sensitive data or data under conversion is handled and protected based on classification 9.0 Implementation In this stage, Qualys scans are performed, security training is performed and security controls are validated. A final security analysis is provided, identifying residual risks of which MDIT and the agency approve. 9.1 Security Analysis The Office of Enterprise Security makes no warranty that the threats/vulnerabilities or recommended controls identified in the Security Analysis are all inclusive. Threat/VulnerabilityTargetResidual RiskExisting ControlsProbability* (H, M, L)Impact* (H, M, L)Recommended ControlsPassword sharing Application Data Base ServersPersons could gain unauthorized access to sensitive information or system. Non-repudiation can no longer be achieved1350.20 Security Awareness Training ProgramCarelessly stored passwords Application Data Base ServersPasswords could easily be guessed and used for unauthorized access to sensitive data or systemStore passwords encryptedLose/forget password for network access or application Application Data Base ServersDenial of Service for users. Unable to perform maintenance resulting in persons gaining unauthorized access to sensitive data or system.Password locked in secure fireproof cabinet in secure location with only individual need-to-know access. Two or more security questions. Lock out after 5 invalid attemptsPassword effectiveness Application Data Base ServersPasswords could easily be guessed and used for unauthorized access to sensitive data or systemAdherence to Michigan 1 password policy.Shoulder surfingApplication Data Base Servers PCsPasswords could be obtained and used for unauthorized access to sensitive data or system. Sensitive data could be viewed by unauthorized individuals. Passwords masked when displayed. Security Awareness Training ProgramSocial engineering (i.e. phone, email, web site, in person)SOM Resources Agency Assets Sensitive/ Personal/ Confidential informationHacker persuades staff to provide information that would enable them to gain access to SOM resources and sensitive dataSecurity Awareness Training ProgramUnauthorized access to sensitive/personal/confidential informationSensitive/ Personal/ Confidential informationData is stolen resulting in identity theft. Financial ImpactDocumented process for reviewing logs on a daily basis. Access Management process and procedures Security Agreements signed and maintainedUnauthorized modifications made to sensitive/personal/confidential informationSensitive/ Personal/ Confidential informationData is rendered useless. Credibility damage, legal ramifications of falsification of data.Documented process for reviewing logs on a daily basis. Access Management process and procedures Change Management Process and Procedures Configuration management process and procedures Separation of Duties Least Privilege Security Agreements signed and maintained.Intercepted transmission of sensitive/personal/confidential information via InternetSensitive/ Personal/ Confidential informationData is captured when transmitted via Internet resulting in unauthorized access of sensitive/ personal/ confidential data.1315.10 Encrypt data end to end during transmission Documented process for reviewing logs on a daily basisIntercepted transmission of sensitive/personal/confidential information via LMANSensitive/ Personal/ Confidential informationData is captured when transmitted between web application and database resulting in unauthorized access of sensitive/personal/confidential data.1315.10 Encryption to secure personal data at the application level Documented process for reviewing logs on a daily basis.Use of insecure protocols for transmission of sensitive/personal/confidential data Sensitive/ Personal/ Confidential informationPenetration of system resulting in compromise of data.1315.10 Encrypt data in databaseIntentional or inadvertent exposure of sensitive/personal/confidential data to the internet or other inappropriate networksSensitive/ Personal/ Confidential informationData is altered resulting in identity theft. Violating State & Federal Laws Fraud1315.10 Database in Zone 2 or 3 Data encrypted during session Encrypt data in databaseInformation leakage or inappropriate disclosure of sensitive/personal/confidential dataSensitive/ Personal/ Confidential dataIdentity Theft Fraud Legal ramificationsSecurity/ Disclosure agreements signed and maintained. Security Awareness Training ProgramInstalling unauthorized software Servers PCsCould install a virus that will affect system and could spread to rest of network. May be coded illegally, which could subject the agency to penalties. Vulnerable to security flaws (no kept updated) Could contain spy ware that will capture sensitive data to unauthorized users.Software License validation Security Awareness Training Program Loss, or theft of, sensitive/personal/confidential data on mobile devices (i.e. USB drives, laptops, PDAs, etc.)Sensitive/ Personal/ Confidential informationMobile device being compromised and sensitive data obtained by unauthorized user(s). Bad publicity, or damaging and costly litigation1315.10Not keeping operating systems, databases, and other software patched Servers PCsAttacker could exploit vulnerabilities and take control of the system.1350.11 Automated patch management process documented, tested, and followed. Lack of Server HardeningSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationUnauthorized users may be able to obtain sensitive information about system resources, such as a list of all accounts or shared resources, registry permission settings, and make modifications to the registry1350.11 Adherence to Michigan 1 password policy. Elevation of Privileges or Excessive Access RightsAgency Assets Sensitive/ Personal/ Confidential informationUsers having elevated privileges could obtain root privileges to sabotage system and gain access to sensitive/personal/confidential data1350.40Users leaving desktops unlocked while unattendedSensitive/ Personal/ Confidential information SOM ResourcesIndividual impersonating the user logged in can read all assets residing on the client machine and travel over the network to gain access to sensitive information and SOM resources1410.88Improper Separation of DutiesAgency AssetsOne individual having complete control of a process from start to finish leading to costly errors or fraud1350.40Lack of knowledge of vendors security controlsSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationVendor capable of intentional/ unintentional misuse of system without Agency knowledgeDocumented security controls of vendor SAS70 from VendorSensitive/personal/confidential data being stored without strong encryptionSensitive/ Personal/ Confidential informationUnauthorized access to sensitive/ personal/ confidential data resulting in corruption or destruction of data 1315.10Discarding of media that contains sensitive/personal/confidential dataSensitive/ Personal/ Confidential informationOutput containing sensitive/ personal/ confidential data improperly disposed of could lead to unauthorized access1350.90Lack of system/application/network loggingSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationMalicious user gains unauthorized access to system and modifies data without being detected or misuses resources of the system/ application/ network1350.11Easy-to-crack NetBIOS passwords being used on the network making it easy for hackers to traverse the network SOM Resources Agency Assets Sensitive/ Personal/ Confidential informationUnauthorized users can launch brute force password attacks and other intrusive attacks to gain access to the networkFirewall Rules specific ports identified Documented Incident Response process and procedure Malicious Attacks SOM Resources Agency Assets Sensitive/ Personal/ Confidential informationData could be rendered useless. Data could be discreetly modified or deleted Data could be inaccessible Persons could gain unauthorized access to sensitive data. Consume bandwidth causing systems to slow down or become unusableAutomated patch management process documented, tested, and followed. Anti-Virus Security Awareness Training Program Access Control Policy Quality Assurance Process Change Management Process Configuration Management Process Code review walk-through Buffer overflowSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationA malicious user can cause a breach in system security causing damage to data, modifications to data and disclosure of dataQuality Assurance Process Code reviews performed to ensure that all parameters are validated. Documented Change Control Process to ensure that appropriate security is maintained over application program code files.Malicious Program Code Application CodeMalicious programs and code injected into application code in order to gain unauthorized access to sensitive data and resourcesQuality Assurance Process Code reviews performed to ensure that all parameters are validated. Documented Change Control Process to ensure that appropriate security is maintained over application program code files.Denial of Service (DoS) caused by flooding with a large number or requests SOM Resources Agency Assets Sensitive/ Personal/ Confidential informationMalicious user can compromise the availability of the application and disable services. Crash or ungraceful degradation of the systemFirewall Rules specific ports identified Utilized Intrusion Detection Software tools to continuously monitor servers. Load Balancing Documented Incident Response process and procedureSniffingSOM Resources Agency Assets Sensitive/ Personal/ $&(PRVZ^`bvxz̸zhNzh?h56B*CJ aJ ph2jhUbhwws56B*CJ UaJ ph#hCYhwws56B*CJ aJ ph(hw 56B*CJ aJ mHnHphu2jhwwshwws56B*CJ UaJ phhwws56B*CJ aJ ph&jhwws56B*CJ UaJ ph h5h5CJ(\j!I hUVhjhU hCJ4h5CJ4\$&XZ\^` d f |&$d%d&d'dNOPQgd!)$$d%d&d'dNOPQa$gdwws)$$d%d&d'dNOPQa$gd$a$gd d f ~ úqeaWaIh;hwws5CJ\aJhB*CJphhhC24hwws6CJaJ&jϘhUbhwws6CJUaJ%jhw 6CJUaJmHnHu&j[hUbhwws6CJUaJjhwws6CJUaJhwws6CJaJh6CJaJh56B*CJ,aJ,ph#hCYh56B*CJ,aJ,ph#hCYh56B*CJ aJ phf   , 3 : A N V e q } Fff $$$Ifa$gd$gd$a$gdwws          $ rjhwwshwwsCJ0UjhwwshwwsCJ0Uj6hwwshwwsCJ0UjŸhwwshwwsCJ0UjNhwwshwwsCJ0UjڞhwwshwwsCJ0UjfhwwshwwsCJ0U hwwsCJ0jhwwsCJ0Uh;hwws5CJ\aJ&   ' 9 : ; H $$Ifa$gdgdFf $$$Ifa$gdwws $ % & ' ( 6 7 8 9 : I T U \ ] ^ h i   $ & ( 2 4 6 8 L ±•xeQe&jhUbhwws5OJQJU%jhw 5OJQJUmHnHu&j%hUbhwws5OJQJUhwws5OJQJjhwws5OJQJUh5B*CJaJph hUh5B*CJaJphh5OJQJhwwsjhwwshwwsCJ0U hwwsCJ0jhwwsCJ0UjhwwshwwsCJ0UH I K M O U \ ||||| $$Ifa$gdwkdۥ$$IflH*   t 0 644 lap \ ]  6 ."" $$Ifa$gdwwskdV$$Ifl\ #'H*8  t(3f3f3f3f0 644 lap(3f3f3f3fL N P Z \ ^ ` t v x $ & ®ªl[lNEAEh#]hNh#]0JjhNh#]0JU hkhCJ OJQJ^JaJ )jhkhCJ OJQJU^JaJ h5CJ OJQJ\^JaJ &h`Jh5CJ OJQJ\^JaJ hwwsh&jhUbhwws5OJQJUhwws5OJQJ%jhw 5OJQJUmHnHujhwws5OJQJU&j hUbhwws5OJQJU6 ^ RJJJJ$a$gdkd$$Ifl\ #'H*8 t0 644 la $$Ifa$gdwws& ( * 0 2 J L N 34¸­ǐӌx¸mǐӌjڪh#]U'j]hNh#]>*B*Uphh#]jhNh#]0JU hSjh#]U*jh#]Ujh#]U h#]h#]5;CJ\aJhNh#]0JjhNh#]0JU*'jchNh#]>*B*Uph$ yBl=>@aun$a$gd4569:WXYstuvwxyz{¸­ǃzsz_PzHz@h#]h#]h#]h#]:jh#]h#]0JU*'jQh#]h#]>*B*Uph h#]h#]h#]h#]0Jjh#]h#]0JUjhNh#]0JU hSjh#]U*jԫh#]Ujh#]U h#]h#]5;CJ\aJhNh#]0JjhNh#]0JU*'jWhNh#]>*B*Uph !"<=>?@ABCD`abcfg󽵽t󽵽`'jEh#]h#]>*B*Uphjȭh#]h#]Ujh#]h#]0JU*'jKh#]h#]>*B*Uph h#]h#]h#]h#]0Jh#]h#]:jh#]h#]0JU hSjh#]h#]U*jάh#]h#]Uh#]h#]jh#]h#]U% 123478JKLfɼsɼ_'j9h#]h#]>*B*Uphjh#]h#]Ujh#]h#]0JU*'j?h#]h#]>*B*Uph h#]h#]h#]h#]0Jh#]h#]:jh#]h#]0JUjh#]h#]U hSjh#]h#]U*j®h#]h#]Uh#]h#]%fghijklmnļsndnYNdsjh#]U*jh#]Ujh#]U h#]h#]5;CJ\aJjhNh#]0JU*'j3hNh#]>*B*Uphh#]hNh#]0JjhNh#]0JUh#]h#]:jh#]h#]0JUjh#]h#]U hSjh#]h#]U*jh#]h#]U678:;<=>?[\]^ab¸­ǃzsz_PzHz@h#]h#]h#]h#]:jh#]h#]0JU*'j'h#]h#]>*B*Uph h#]h#]h#]h#]0Jjh#]h#]0JUjhNh#]0JU hSjh#]U*jh#]Ujh#]U h#]h#]5;CJ\aJhNh#]0JjhNh#]0JU*'j-hNh#]>*B*Uph789;<=>?@\]^_bc󽵽t󽵽`'jh#]h#]>*B*Uphjh#]h#]Ujh#]h#]0JU*'j!h#]h#]>*B*Uph h#]h#]h#]h#]0Jh#]h#]:jh#]h#]0JU hSjh#]h#]U*jh#]h#]Uh#]h#]jh#]h#]U%9:;=>?@AB^_`adeɼsɼ_'jh#]h#]>*B*Uphjh#]h#]Ujh#]h#]0JU*'jh#]h#]>*B*Uph h#]h#]h#]h#]0Jh#]h#]:jh#]h#]0JUjh#]h#]U hSjh#]h#]U*jh#]h#]Uh#]h#]%  &'(),->?@Zļijсsļij_с'jh#]h#]>*B*Uphjh#]h#]Uh#]h#]jh#]h#]0JU*'j h#]h#]>*B*Uph h#]h#]h#]h#]0Jh#]h#]:jh#]h#]0JUjh#]h#]U hSjh#]h#]U*jh#]h#]U$Z[\^_`abcļsndnYNdsEh#]h#]0Jjh#]U*jzh#]Ujh#]U h#]h#]5;CJ\aJjhNh#]0JU*'jhNh#]>*B*Uphh#]hNh#]0JjhNh#]0JUh#]h#]:jh#]h#]0JUjh#]h#]U hSjh#]h#]U*jh#]h#]U:;<=@ARSTnoprstu𽰽łn𽰽`jnh#]h#]U'jh#]h#]>*B*Uphjh#]h#]0JU hSjh#]h#]U*jth#]h#]Ujh#]h#]Uh#]h#]h#]h#]:jh#]h#]0JU*'jh#]h#]>*B*Uphh#]h#]0J h#]h#]"uvw67鱧x鱧mjbh#]U'jhNh#]>*B*Uph hSjh#]U*jhh#]Ujh#]U h#]h#]5;CJ\aJjhNh#]0JU*'jhNh#]>*B*Uphh#]hNh#]0JjhNh#]0JU(789<=KLMghiklmnop¸­ǃzsz_PzHz@h#]h#]h#]h#]:jh#]h#]0JU*'jٿh#]h#]>*B*Uph h#]h#]h#]h#]0Jjh#]h#]0JUjhNh#]0JU hSjh#]U*j\h#]Ujh#]U h#]h#]5;CJ\aJhNh#]0JjhNh#]0JU*'j߾hNh#]>*B*Uph67󽵽tg^Z^h#]hNh#]0JjhNh#]0JUjPh#]h#]Ujh#]h#]0JU*'jh#]h#]>*B*Uph h#]h#]h#]h#]0Jh#]h#]:jh#]h#]0JU hSjh#]h#]U*jVh#]h#]Uh#]h#]jh#]h#]U789Cbcd~KUV&ȾȳsaUQMQIQA< h(6h+ hJ6hJhU!Uhh Nnh5CJ aJ #hkhCJ OJQJ\^JaJ ,jhkh;CJ OJQJU^JaJ h#]5;CJ\aJjhNh#]0JU hSjh#]U*jJh#]Ujh#]U h#] h#]0JhNh#]0JjhNh#]0JU*'jhNh#]>*B*UphKLMNOPQRSTUVvxy & Fgd`gdJgdJgd@&gd&vyz p -!.!/!:!;!E!F!G!!!T"V"y"z"{"""ƷӪӥӷƌƀwkhh5CJaJh5CJ aJ hOpOh5CJ aJ hzhhgh55 hto$5 h<5 hk6hF$h6 h5hgh5 hJhJhh5 h56 h6h\h6hS9hOJQJhOJQJhJh+ hJ6' !.!F!G!U"V" p@ gd @&^gd p@ @&gd<@&gd<^gd<@&gdgdJ & FgdgdV"_"`"q"r"{""" $$Ifa$gd""""."" $$Ifa$gdkd$$Ifl\#]%: UF   t(0d&644 lap(""""""""#####$$$$7$@$_$m$n$%%%%%%%%%%%%&&&p'v'Ļ匿wwlh5*5CJ\aJhi(h5*CJaJh5*CJaJhGh5*5 h5*5h!h5*5CJaJh5*hto$hJ hy h8y5CJaJh5CJaJh8yh5CJ aJ hy hJ 5CJ aJ hy h5CJ aJ hzhhh Z h5CJaJ&"""""""""UII $$Ifa$gdkd$$Ifl\#]%: UF  t0d&644 la $Ifgd""""""""UII $$Ifa$gdkdn$$Ifl\#]%: UF  t0d&644 la $Ifgd"""####$$%^YYYYYSSY@&gdy gdkd $$Ifl\#]%: UF  t0d&644 la %%%%%%%%%Mkd$$Ifl440 d&` F  t0644 lap $$Ifa$gd5* $Ifgd5*gd%%%+ $$Ifa$gd5*kdY$$Ifl44\ nd&      t(0644 lap(%&&&&n'p'''"($((((())X*****@+B+++,,- $Ifgd5*v'''V*X*22^4z447778888::6;8;<<<<BBCC&CCCC2D6D8D.@...//001122l2n23333\4^4`4 $Ifgd5*`4b4d4f4h4j4l4n4p44^RRRRRRRR $$Ifa$gd5*kd8$$Ifl\ nd&    t0644 la 444$5&5V5X566667t7v7777778 8^8`888 $Ifgd5*88899:::8;^RIIIIII $Ifgd5* $$Ifa$gd5*kd$$Ifl\ nd&    t0644 la8;;;<<<>>>UI $$Ifa$gd5*kd*$$Ifl\ nd&    t0644 la $Ifgd5*>>??6A8A.B0BBC(C $Ifgd5* (C*C>CCCCCCC^RIIIIII $Ifgd5* $$Ifa$gd5*kd$$Ifl\ nd&    t0644 laC4D6DDDDDDDDUkd$$Ifl\ nd&    t0644 la $Ifgd5* DDVEXE&F(FFFF G GGGHHJHBIDIJJZJ\JJ $Ifgd5* $$Ifa$gd5*JJKKKLLMM^RIIIIII $Ifgd5* $$Ifa$gd5*kd$$Ifl\ nd&    t0644 laMMM`N6OpOrO*P,P.P0P2P\P $Ifgd5* \P^PPPP0oNoOooooopp5pqqhqiqrr't(tuuuu}v~vwwwgd^gd@&gd`gdbwwqxrx:y;yzzzzzzX{Y{4|Y|k|l|K}L}}}}}}}gdue @&^gdue`gdue@&gd{gd6|X|Y|j|k|l|}}}}+~7~8~o~p~q~r~~~~~hijkûȳȢȢ{rfZh8yh{5CJ aJ h8yh8y5CJ aJ h8y5CJaJ h{6 jh{Ih{5CJUaJh{5CJaJhdl"CJaJhdl"5CJaJhOhdl"6hdl"hdl"6hghdl"5 hdl"5 hdl"6jhsPjhue6Uhuehzhue6 h#hue hue6 hue5hghue5"}~~,~6~7~8~m~n~q~~~~~1FUijk 0^`0gdhh@&gddl"`gddl"gddl"h^hgddl"@&gd{^gddl"gdue23WX78rsǁҁށ"#$YZ^gdA @&^gd86@&gd86gd86@&gd86 0^`0gd{36VWXˀɁс#$[\]^_`atuvwCDEFlopqr τЄضإإÀwwpw h86h86h865CJ aJ h86h865CJ aJ jh{Ih865CJUaJh86CJaJh865CJaJhOh866hdl"h866 h#]5h=h8yjDhsPjh866U h866hzh866hgh865 h865h86h8y5CJ aJ +^uwʂ܂ !0DEFnr @&gd86@&gd=gd= 0^`0gd86`gd86gd86h^hgd86@&gd=τЄefg|†̆نFfg $IfgdAgdA@&gdbt@&gd86gd86Є.@HRcdfgm{ˆ؆نԺwjwjwjwjwY hF#hACJOJQJ^JaJhA5CJOJQJaJh#jhA5CJOJQJaJh;h5CJOJQJaJhA5CJOJQJ^JaJ#h#jhA5CJOJQJ^JaJ hA6hS9hA6h;h6CJaJhA6CJaJhS9hA6CJaJ h;h5hbthbt5h<h86 h86h86h_|  aڇۇ܇݇]az{|ˆÈLjȈ͈ΈψՈֈ׈`d()+789=>CDEKLMȷȷ hF#hACJOJQJ^JaJ hA6hACJOJQJhACJOJQJaJhACJOJQJ^JaJhF#hACJOJQJaJHcd $IfgdA ۇ% $IfgdAkdwi$$Ifl:֞ 9"f+'E z- t0+44 la^_`a{ $IfgdA{|% $IfgdAkdKj$$Ifl&֞ 9"f+'E z- t0+44 la͈׈abcd͉Ή $IfgdA )7% $IfgdAkdk$$Ifl֞ 9"f+'E z- t0+44 la7CM؊ $IfgdAM׊؊ي 01@YZcd|}_`jktvϊ{htOChACJOJQJaJhohACJOJQJaJh%fehACJOJQJaJhACJOJQJhACJOJQJ^JaJhGhACJOJQJaJ hGhACJOJQJ^JaJ hA6hF#hACJOJQJaJhACJOJQJaJ0؊ي% $IfgdAkdk$$Ifl&֞ 9"f+'E z- t0+44 la mnϋЋ $IfgdA 1?% $IfgdAkdl$$Ifl֞ 9"f+'E z- t0+44 la?@NOZd} $IfgdA `k% $IfgdAkdm$$Ifl֞ 9"f+'E z- t0+44 laku͍̍΍ύ12\ $IfgdA ˍύ0[\]Žَڎ 6:IJK͐ΐ!-4BGL ǹۊǹۊǹhhACJOJQJaJhohACJOJQJaJ hGhACJOJQJ^JaJhACJOJQJ^JaJ hA6h/ hACJOJQJaJhACJOJQJhtOChACJOJQJaJhACJOJQJaJ6\]% $IfgdAkdon$$Ifl֞ 9"f+'E z- t0+44 laڎ789:rsƏǏ J $IfgdAJK% $IfgdAkdCo$$Ifl֞ 9"f+'E z- t0+44 laΐ,6IJKLTU $IfgdA % $IfgdAkdp$$IflM֞ 9"f+'E z- t0+44 la 9Ēʒ˒̒͒Ւ֒K $IfgdA !89TZÒɒ͒֒JKLԓՓ 012”Ĕ۔ܔ/3|mmmmmmmh#hACJOJQJaJh#h ;+CJOJQJaJh ;+CJOJQJ^JaJhACJOJQJ^JaJ h#hACJOJQJ^JaJ hA6h/ hACJOJQJaJhhACJOJQJaJhACJOJQJhohACJOJQJaJhACJOJQJaJ*KL% $IfgdAkdp$$Ifl֞ 9"f+'E z- t0+44 laՓ 1 $IfgdA12% $IfgdAkdq$$Ifl@֞ 9"f+'E z- t0+44 laÔܔ )*0123;<IUVuv $IfgdA% $IfgdAkdr$$Ifl@֞ 9"f+'E z- t0+44 la9=ĖŖƖʖ˖)*+ɘʘϾ㡰㒈yyϾjjjW$h#jhA0JCJOJQJ^JaJhohACJOJQJaJhBhACJOJQJaJhACJOJQJhOhACJOJQJaJhF#hACJOJQJaJhACJOJQJ^JaJ h#hACJOJQJ^JaJ hA6h#hACJOJQJaJhACJOJQJaJ h{hACJOJQJ^JaJ%&:;<=Gtu $IfgdAŖ% $IfgdAkdgs$$Ifl@֞ 9"f+'E z- t0+44 laŖ˖de()* $IfgdA*+% $IfgdAkd;t$$Ifl@֞ 9"f+'E z- t0+44 laʘ!RSTU] $IfgdA QU\]^KRSTm|힏…yjYJJJ…h%fehACJOJQJaJ hhACJOJQJ^JaJh[h ;+CJOJQJaJh ;+CJOJQJaJhACJOJQJh[hACJOJQJaJhACJOJQJ^JaJ h#hACJOJQJ^JaJ hA6hACJOJQJaJh#hACJOJQJaJ$h#jhA0JCJOJQJ^JaJhA0JCJOJQJ^JaJ]^% $IfgdAkdu$$Ifl@֞ 9"f+'E z- t0+44 laKLMNOPQRS $IfgdASTm{% $IfgdAkdu$$Ifl@֞ 9"f+'E z- t0+44 la{| $IfgdA 01z{ŜƜ $34 !ǞŶ֘zzzlhACJOJQJ^JaJhUrhACJOJQJaJhohACJOJQJaJ h#hACJOJQJ^JaJhA5CJOJQJaJh%fehACJOJQJaJ h{hACJOJQJ^JaJ hA6hACJOJQJhACJOJQJaJhhACJOJQJaJ*% $IfgdAkdv$$Ifl@֞ 9"f+'E z- t0+44 la1Ŝ $IfgdA ŜƜ% $IfgdAkdw$$Ifl@֞ 9"f+'E z- t0+44 la %&4 $IfgdA !% $IfgdAkd_x$$Ifl@֞ 9"f+'E z- t0+44 la! $IfgdAȞ֞% $IfgdAkd3y$$Ifl@֞ 9"f+'E z- t0+44 laǞȞ23jn "#DENOnֻʻʶ֘ʘʘ֎phhACJOJQJaJh:hACJOJQJaJh ;+CJOJQJh,hACJOJQJaJh\hACJOJQJaJ hA6h~ hACJOJQJaJhACJOJQJaJhACJOJQJhohACJOJQJaJ h\hACJOJQJ^JaJ,֞מ3klmny $IfgdA% $IfgdAkdz$$Ifl@֞ 9"f+'E z- t0+44 la #EO $IfgdA% $IfgdAkdz$$Ifl@֞ 9"f+'E z- t0+44 la4> $IfgdA ϡ g,EFOPhiݣޣCDE¶xjx[[hhACJOJQJaJhACJOJQJ^JaJ h#hACJOJQJ^JaJhthACJOJQJaJh phACJOJQJaJh%fehACJOJQJaJhACJOJQJaJh\ShACJOJQJaJ h\ShACJOJQJ^JaJ hA6h:hACJOJQJaJhACJOJQJ#Ρ% $IfgdAkd{$$Ifl@֞ 9"f+'E z- t0+44 laΡϡݡޡ $IfgdA % $IfgdAkd|$$Ifl@֞ 9"f+'E z- t0+44 la+,:;FPiޣߣ ABCD $IfgdADEXf% $IfgdAkdW}$$Ifl@֞ 9"f+'E z- t0+44 laEWXgѦҦۦܦpqtLMNefvwǽ֮֮ǽzk\\h/hACJOJQJaJh24`hACJOJQJaJhbBhACJOJQJaJh\hACJOJQJaJ h\hACJOJQJ^JaJ hA6hhACJOJQJaJhACJOJQJh%fehACJOJQJaJhACJOJQJaJh:nFhA5CJOJQJaJhACJOJQJ^JaJ$fguvĤŤIKե֥89 $IfgdA9STuv $IfgdA% $IfgdAkd+~$$Ifl@֞ 9"f+'E z- t0+44 laƦǦҦܦqrstӧԧM $IfgdAMNfw% $IfgdAkd~$$Ifl@֞ 9"f+'E z- t0+44 lawYZө $IfgdA ҩөԩ /HIRSkl̫9BCDLM\uvŵֆꄦxiֆh\h ;+CJOJQJaJh ;+CJOJQJaJU h\hACJOJQJ^JaJh\hACJOJQJaJh%fehACJOJQJaJh\hA5CJOJQJaJ hhACJOJQJ^JaJ hA6h/hACJOJQJaJhACJOJQJaJhACJOJQJ)өԩ % $IfgdAkd$$Ifl@֞ 9"f+'E z- t0+44 la ./=>ISlĪŪ!"op $IfgdA˫% $IfgdAkd$$Ifl@֞ 9"f+'E z- t0+44 la˫̫ګ۫9:;<=>?@ABC $IfgdAConfidential informationData packets are captured and decoded to collect information such as passwords or infrastructure configurationsFirewall Rules specific ports identified Utilized Intrusion Detection software tools to continuously monitor servers Documented Incident Response process and procedure ScanningSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationPenetration of system enabling an intruder to access the networks unsecured portsFirewall Rules specific ports identified Utilized Intrusion Detection software tools to continuously monitor servers Documented Incident Response process and procedureSpoofingSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationCompromise or destruction of state systems1350.11 Firewall Rules specific ports identified Application level securityWireless broadcasting of sensitive/personal/confidential data in an insecure mannerSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationAn attacker uses a wireless network to launch an attack and gains unauthorized access1420.02Wireless access point spoofingSOM Resources Agency Assets Sensitive/ Personal/ Confidential informationAn attacker uses a wireless network to launch an attack and gains unauthorized access1420.02Wireless systems using WEP or less securitySOM Resources Agency Assets Sensitive/ Personal/ Confidential informationAn attacker uses a wireless network to launch an attack and gains unauthorized access1420.02Logs stored in insecure locationAgency Assets Sensitive/ Personal/ Confidential information Malicious user modifies logs to cover their tracksEncrypt log data Logs stored on other network devices (IE: SAN, NAS, etc.)Logs store confidential data such as passwordsAgency Assets Sensitive/ Personal/ Confidential informationMalicious user accesses logs containing confidential data and sabotages network or gains unauthorized access to sensitive data Legal exposure from security breaches and costly network downtime.Encrypt log data Documented process for reviewing logs on a daily basis.Back doors to network (i.e. dial-in modems, wireless access points, etc.)SOM Resources Sensitive/ Personal/ Confidential information Agency Assets Unauthorized users can log into the system undetected, execute unauthorized commands and leave the system vulnerable to other unauthorized users. Malicious users may use the system to access other systems and perform a coordinated DoS attack.Firewall Rules specific rules identified Utilized Intrusion Detection Software tools to continuously monitor servers. Document Incident Response process and procedureNetwork devices and servers remotely administered with insecure protocolsSOM Resources Sensitive/ Personal/ Confidential information Agency AssetsDirect access to SOM resources resulting in intrusion or unauthorized access to personal data.1410.21 1410.22 1410.24Devices being connected to the network that may be infected with viruses (e.g. contractor laptops)SOM Resources Sensitive/ Personal/ Confidential information Agency AssetsUnauthorized access to sensitive/ personal/ confidential data. Port/segment blocking due to the spreading of a virus System down time, lost productivity. DIT-0155 Foreign Device Network Connection RequestRemote users that may have infected computers, connecting to the networkSOM Resources Sensitive/ Personal/ Confidential information Agency AssetsUnauthorized access to sensitive/ personal/ confidential data. Port/segment blocking due to the spreading of a virus System down time, lost productivity.DIT-0155 Foreign Device Network Connection RequestPhysical damage to facility and/or equipment caused by storm, tornado, vandalism, accident, etc.SOM Resources Sensitive/ Personal/ Confidential information Agency Assets Information unavailable Loss of service to public System down time, lost productivityBusiness Continuity Plan and disaster Recovery Plan documented, tested and implementedEquipment failure/malfunctionSOM Resources Sensitive/ Personal/ Confidential information Agency Assets Information unavailable System down time, lost productivityBusiness Continuity Plan and disaster Recovery Plan documented, tested and implemented. * - The Probability and Impact are based on the Agencys existing controls. 9.2 Approvals By signing below, I certify that I have read and acknowledge each residual risk and recommended control contained in this document. My signature indicates that the Agency accepts each residual risk if the corresponding recommended control is not implemented. Approved by: _______________________________________ Date: ____________________ (Project Manager) Approved by: _______________________________________ Date: ____________________ (Business Owner) Approved by: _______________________________________ Date: ____________________ (Client Service Director) Approved by: _______________________________________ Date: ____________________ (Office of Enterprise Security) Appendix A System Security Level Matrix Security ObjectivePotential ImpactLowModerateHigh Confidentiality: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.  The unauthorized disclosure of information would have limited adverse effect on State of Michigan operations, assets, or individuals. Example(s): Public Information Information available via Freedom of Information Act The unauthorized disclosure of information would have a serious adverse effect on State of Michigan operations, assets, or individuals. Example(s): Personal information affecting an individuals privacy (e.g. an individuals medical information; drivers license number; social security number; banking information, etc)  The unauthorized disclosure of information would have a severe or catastrophic adverse effect on State of Michigan operations, assets, or individuals. Example(s): Highly sensitive information that may affect human life or safety (e.g. under cover investigation information; confidential response plans for emergencies) Information that if released would violate State or Federal Law Significant amount of privacy information (e.g. thousands of individuals credit card numbers; social security numbers; banking information; medical information, etc) Integrity: Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. The unauthorized modification or destruction of information would have limited adverse effect on State of Michigan operations, assets, or individuals.The unauthorized modification or destruction of information would have a serious adverse effect on State of Michigan operations, assets, or individuals.The unauthorized modification or destruction of information would have a severe or catastrophic adverse effect on State of Michigan operations, assets, or individuals. Example(s): Information that could affect human life or safety (e.g. criminal history; warrant/arrest data; active investigation information; child protection services information) Information that could severely affect public confidence (e.g. modification of voter registration or voting results; tax information; lottery drawings) Information that may affect national security (e.g. birth certificates; emergency response plans and procedures; risk assessments and vulnerability information) Availability: Ensuring timely and reliable access to and use of information and systems. The disruption of access to or use of information or an information system would have limited adverse effect on State of Michigan operations, assets, or individuals. The disruption of access to or use of information or an information system would have a serious adverse effect on State of Michigan operations, assets, or individuals. Example(s): Information or information system that if not available, would seriously affect the publics trust of the State (e.g. unemployment applications; Secretary of State applications; OTIS) Information or information system that if not available, could seriously affect the State financially (e.g. large revenue generating applications;) The disruption of access to or use of information or an information system would have a severe or catastrophic adverse effect on State of Michigan operations, assets, or individuals. Example(s): Information or information system that if not available, could affect human life or safety (e.g. LEIN; prisoner tracking systems; emergency response systems) Information or information system that if not available, would severely affect the publics trust of the State (e.g. welfare checks; food stamps; voter registration) Information or information system that if not available, could severely affect the State financially (e.g. Tax systems;  This document is for official use only. This document must be handled in a confidential manner at all times. Distribution and/or reproduction of this document outside the intended and approved use is strictly prohibited. DIT-0170 Rev. 7/07  PAGE 35 of  NUMPAGES 35 CDM[% $IfgdAkd{$$Ifl@֞ 9"f+'E z- t0+44 la[\jkvgh $IfgdAvnop^_eiqrǶǖxxxǖhChACJOJQJaJh\ShACJOJQJaJ h\ShACJOJQJ^JaJh\hACJOJQJaJ h\hACJOJQJ^JaJ hA6hXhACJOJQJaJhACJOJQJhACJOJQJaJh%fehACJOJQJaJ/% $IfgdAkdO$$Ifl@֞ 9"f+'E z- t0+44 la'(STo $IfgdAop% $IfgdAkd#$$Ifl@֞ 9"f+'E z- t0+44 lafghiq $IfgdA qr% $IfgdAkd$$Ifl@֞ 9"f+'E z