Doa's It System Risk Analysis
RISK ASSESSMENT on the Department of the Army IT Systems
9 December 2012
1. Introduction
1.1 Purpose
This risk assessment was to identify threats and vulnerabilities related to the Department of the Army (DoA) Information Technology (IT) systems. It will be utilized to identify vulnerabilities in the Computer Network Defense (CND) Capabilities and mitigation plans related to DoA’s IT systems. It was realized that this was a potential high-risk system as noted by the Department of Defense (DoD) Chief Information Officer (CIO). (DoD, 2012)
1.2 Scope
This risk assessment applies to all DoA Non-secured Internet Protocol Router Network (NIPRNET) and Secured Internet Protocol Router Network (SIPRNET) for Regular Army and Reserve Components. This is a major system that is used by millions of Soldiers, contractors and DA civilians worldwide. The DoA’s IT system is …show more content…
The consequence of loss of integrity or availability is unacceptable and could include the immediate and sustained loss of mission effectiveness.
MAC II Is a high integrity, medium availability for DoD ISs handling information that is important to the support of deployed and contingency forces. The consequence of loss of integrity is unacceptable. Loss of availability is difficult to deal with and can only be tolerated for a short time.
MAC III Is a basic integrity, basic availability for DoD ISs handling information that is necessary for the conduct of day-to-day business, but does not materially affect support to deployed or contingency forces in the short- term. The consequences of loss of integrity or availability can be tolerated or overcome without significant impacts on mission effectiveness or operational
9 December 2012
1. Introduction
1.1 Purpose
This risk assessment was to identify threats and vulnerabilities related to the Department of the Army (DoA) Information Technology (IT) systems. It will be utilized to identify vulnerabilities in the Computer Network Defense (CND) Capabilities and mitigation plans related to DoA’s IT systems. It was realized that this was a potential high-risk system as noted by the Department of Defense (DoD) Chief Information Officer (CIO). (DoD, 2012)
1.2 Scope
This risk assessment applies to all DoA Non-secured Internet Protocol Router Network (NIPRNET) and Secured Internet Protocol Router Network (SIPRNET) for Regular Army and Reserve Components. This is a major system that is used by millions of Soldiers, contractors and DA civilians worldwide. The DoA’s IT system is …show more content…
The consequence of loss of integrity or availability is unacceptable and could include the immediate and sustained loss of mission effectiveness.
MAC II Is a high integrity, medium availability for DoD ISs handling information that is important to the support of deployed and contingency forces. The consequence of loss of integrity is unacceptable. Loss of availability is difficult to deal with and can only be tolerated for a short time.
MAC III Is a basic integrity, basic availability for DoD ISs handling information that is necessary for the conduct of day-to-day business, but does not materially affect support to deployed or contingency forces in the short- term. The consequences of loss of integrity or availability can be tolerated or overcome without significant impacts on mission effectiveness or operational