Versions Compared

Version Old Version 62 New Version 63
Changes made by

Larry Talley - NOAA Federal (Unlicensed)

Larry Talley - NOAA Federal (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Lowest Assurance Level that Mitigates All Impact Categories

Mitigating Controls

Appropriate Assurance Level with Consideration of Mitigating Controls

Proposed E-signature Alternative

Level 3---...appropriate for transactions needing high confidence in the asserted identity's accuracy. People may use Level 3 credentials to access restricted web services without the need for additional identity assertion controls.

Multiple sources of information, some with counter-balancing incentives.

Users are permitted and have an ongoing "trusted relationship" with NMFS.
There are various mitigating controls in permit application/renewal/transfer business processes, so the e-signature process does not have to address all of the transaction risk.

Level 2---On balance, confidence exists that the asserted identity is accurate. Level 2 credentials are appropriate for a wide range of business with the public where agencies require an initial identity assertion (the details of which are verified independently prior to any Federal action).

NPS-like