Please enable JavaScript.

Coggle requires JavaScript to display documents.

NIST RMF ( (, , , , , , ), CATEGORIZATION (Main Objectives or Task (1.…

- - - - Defined by Organization
      - Or defined by Law, Executive Order, Directive, Policy or Regulation
      - A specific category of Information (e.g Privay, Medical, Financial, etc)
      - SC(Information Type) = {(Confidentiality, Impact), (Integrity, Impact), (Availability, Impact)} NIST 800-60
    - - CONFIDENTIALITY
      - INTEGRITY
      - AVAILABILITY
    - - MODERATE (Serious Adverse Effect)
        
        Significant financial loss
        
        Significant harm to individuals but not life threatening or loss of life
        
        Significant damage to org assets
        
        Significant degradation to mission capability. Org is still able to perform primary functions but functions is significantly reduced
      - HIGH (Severe or Catastrophic Adverse Effect)
        
        Major damage to organizational assets
        
        Major financial loss
        
        Severe degradation to mission capability, org will not be able to perform one or more of primary functions
        
        Severe or catastrophic harm to individuals including life threatening and loss of life
      - LOW (Limited Adverse Effect)
        
        Minor financial loss or
        
        Minor harm to individuals
        
        Minor damage to org assets or
    - - SC(Information Type) = {(Confidentiality, Impact), (Integrity, Impact), (Availability, Impact)} NIST 800-60