Re: [Fed-Talk] DISA Information Impact Levels?
Re: [Fed-Talk] DISA Information Impact Levels?
- Subject: Re: [Fed-Talk] DISA Information Impact Levels?
- From: "Marcus, Allan B" <email@hidden>
- Date: Fri, 23 May 2014 16:59:37 +0000
- Thread-topic: [Fed-Talk] DISA Information Impact Levels?
Thanks. My purpose is also cloud, and for the exact same purpose as DoD.
--
Thanks,
Allan Marcus
Chief IT Architect
Los Alamos National Laboratory
505-667-5666
email@hidden
If you always do what you always did, you will always get what you always
got. [Albert Einstein]
On 5/20/14 2:13 PM, "Miller, Timothy J." <email@hidden> wrote:
>That guidance is only operative for cloud service contracts. DoD
>guidance on impact analysis for authentication is in DoDI 8520.03, and
>for information systems generally is in DoDI 8510.01. Controls come from
>NIST SP 800-53 and appropriate overlays (e.g., CNSSI 1253F and
>attachments).
>
>-- T
>
>>-----Original Message-----
>>From: fed-talk-bounces+tmiller=email@hidden
>>[mailto:fed-talk-
>>bounces+tmiller=email@hidden] On Behalf Of Marcus, Allan B
>>Sent: Tuesday, May 20, 2014 2:26 PM
>>To: Marcus, Allan B; Apple Fed-Talk
>>Subject: Re: [Fed-Talk] DISA Information Impact Levels?
>>
>>I've received a few requests to share the info Eryk pointed me to.
>>
>>http://iase.disa.mil/cloud_security/downloads/dod_ecsb_security_model_1-
>>2.pdf
>>Page 6, Figure 3 - Security Model
>>Note in the "Maximum Data Type and C-I_a column the x-y-z, where x =
>>confidentiality, y = integrity, and z = availability.
>>
>>--
>>Thanks,
>>
>>Allan Marcus
>>Chief IT Architect
>>Los Alamos National Laboratory
>>505-667-5666
>>email@hidden
>>
>>If you always do what you always did, you will always get what you
>>always got.
>>[Albert Einstein]
>>
>>From: <Marcus>, Allan Marcus <email@hidden>
>>Date: Monday, May 19, 2014 3:20 PM
>>To: Allan Marcus <email@hidden>, Apple Fed-Talk
>><email@hidden>
>>Subject: Re: [Fed-Talk] DISA Information Impact Levels?
>>
>>
>>
>> Thanks to Erik van Bronkhorst I got the info!
>>
>> --
>> Thanks,
>>
>> Allan Marcus
>> Chief IT Architect
>> Los Alamos National Laboratory
>> 505-667-5666
>> email@hidden
>>
>> If you always do what you always did, you will always get what you
>>always got. [Albert Einstein]
>>
>>
>> From: <Marcus>, Allan Marcus <email@hidden>
>> Date: Monday, May 19, 2014 3:02 PM
>> To: Apple Fed-Talk <email@hidden>
>> Subject: [Fed-Talk] DISA Information Impact Levels?
>>
>>
>>
>> I'm trying to learn more about DISA Impact Levels. From what I
>>understand the levels are 1-5, and are based on NIST and FIPS documents,
>>but
>>I cannot find any explanation of how DISA determines impact levels, and
>>how
>>they came up with 1 to 5. If you have any DISA contacts, can you please
>>see if
>>you can find out about these "impact levels", specifically on an
>>explanation of
>>what 1-5 mean and how they are calculated?
>>
>> --
>> Thanks,
>>
>> Allan Marcus
>> Chief IT Architect
>> Los Alamos National Laboratory
>> 505-667-5666
>> email@hidden
>>
>> If you always do what you always did, you will always get what
>>you always got. [Albert Einstein]
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden