...
- Moderate confidentiality requirements -- that is, loss of confidentiality would be expected to have a serious adverse effect on organizational operations, assets, or individuals. A breach of confidentiality would damage our relationship with our constituency and seriously impact our ability to collect accurate data with which to manage fisheries, as well as exposing us to litigation and professional disrepute.
- Moderate integrity requirements -- among other things data from this data system could be used to establish individual fishing quotas based on historical participation in a fishery. Individual fishing quotas have value, and it is critical to maintain access controls, change tracking, and auditability.
- Low availability requirements -- a temporary loss of availability would be expected to have a limited adverse effect. Transactions dependent on this data are not particularly time-sensitive, and business requirements could be met via manual methods during a temporary system outage.
...