| Trust Interoperability Profile Name | Version |
|---|---|
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Criminal Investigation and Surveillance information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.16.2. Criminal investigation and surveillance includes the collection of evidence required to determine responsibility for a crime and the monitoring and questioning of affected parties. Systems that handle Criminal Investigation and Surveillance information should operate at an impact level of MODERATE confidentiality, MODERATE integrity, and MODERATE availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Criminal Rehabilitation information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.18.2. Criminal Rehabilitation includes all government activities devoted to providing convicted criminals with the educational resources and life skills necessary to rejoin society as responsible and contributing members. Systems that handle Criminal Rehabilitation information should operate at an impact level of LOW confidentiality, LOW integrity, and LOW availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Emergency Response information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.4.4. Emergency Response involves the immediate actions taken to respond to a disaster (e.g., wildfire management). These actions include providing mobile telecommunications, operational support, power generation, search and rescue, and medical life saving actions. Impacts to emergency response information and the information systems that process and store emergency response information could result in negative impacts on cross-jurisdictional coordination within the critical emergency services infrastructure and the general effectiveness of organizations tasked with emergency response missions. Systems that handle Emergency Response information should operate at an impact level of LOW confidentiality, HIGH integrity, and HIGH availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Key Asset and Critical Infrastructure Protection information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.2.2. Key Asset and Critical Infrastructure Protection involves assessing key asset and critical infrastructure vulnerabilities and taking direct action to mitigate vulnerabilities, enhance security, and ensure continuity and necessary redundancy in government operations and personnel. The Critical Infrastructure Information Protection Act of 2002 (6 U.S.C. 131-134) places specific controls on the dissemination of critical infrastructure information (see Volume I, 3.5.2.3). Under the provisions of Executive Order 13292, some anti-terrorism information is subject to security classification. National security information is outside the scope of this guideline. Systems that handle Key Asset and Critical Infrastructure Protection information should operate at an impact level of HIGH confidentiality, HIGH integrity, and HIGH availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Leadership Protection information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.16.4. Leadership protection involves all activities performed to protect the health and well being of the president, vice-president, their families, and other high-level government officials. Some leadership protection information may be classified. All classified information is treated under separate rules established for national security information and is outside the scope of this guideline. Systems that handle Leadership Protection information should operate at an impact level of MODERATE confidentiality, LOW integrity, and LOW availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Property Protection information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.16.5. Property protection entails all activities performed to ensure the security of civilian and government property. Systems that handle Property Protection information should operate at an impact level of LOW confidentiality, LOW integrity, and LOW availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Substance Control information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.16.6. Substance control supports activities associated with the enforcement of legal substances (i.e., alcohol and tobacco) and illegal narcotics laws including trafficking, possession, sale, distribution, and other related activities. Systems that handle Substance Control information should operate at an impact level of MODERATE confidentiality, MODERATE integrity, and MODERATE availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that handle the Trade Law Enforcement information type, as defined by NIST Special Publication 800-60, Volume II, Revision 1, Section D.16.8. Trade law enforcement refers to the enforcement of anti-boycott, international loan, and general trade laws. Systems that handle Trade Law Enforcement information should operate at an impact level of MODERATE confidentiality, MODERATE integrity, and MODERATE availability, as recommended by NIST.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-HIGH-HIGH impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, HIGH integrity, and HIGH availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-HIGH-LOW impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, HIGH integrity, and LOW availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-HIGH-MODERATE impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, HIGH integrity, and MODERATE availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-LOW-HIGH impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, LOW integrity, and HIGH availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-LOW-LOW impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, LOW integrity, and LOW availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-LOW-MODERATE impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, LOW integrity, and MODERATE availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-MODERATE-HIGH impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, MODERATE integrity, and HIGH availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-MODERATE-LOW impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, MODERATE integrity, and LOW availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a HIGH-MODERATE-MODERATE impact level, as recommended by NIEF. Pertains to systems that operate at HIGH confidentiality, MODERATE integrity, and MODERATE availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-HIGH-HIGH impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, HIGH integrity, and HIGH availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-HIGH-LOW impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, HIGH integrity, and LOW availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-HIGH-MODERATE impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, HIGH integrity, and MODERATE availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-LOW-HIGH impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, LOW integrity, and HIGH availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-LOW-LOW impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, LOW integrity, and LOW availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-LOW-MODERATE impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, LOW integrity, and MODERATE availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-MODERATE-HIGH impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, MODERATE integrity, and HIGH availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
|
Minimal profile of security controls from NIST Special Publication 800-53 r4 for systems that need to operate at a LOW-MODERATE-LOW impact level, as recommended by NIEF. Pertains to systems that operate at LOW confidentiality, MODERATE integrity, and LOW availability. Includes only those applicable security controls from NIST SP 800-53 r4 that have been marked by NIST as Priority P1. Incorporates security control downgrading guidance, as appropriate, based on recommendations on page 35 of NIST SP 800-53 r4.
|
1.0 |
