DoD Instruction 8500.2 - Common Access Card (CAC)
DoD Instruction 8500.2 - Common Access Card (CAC)
DoD Instruction 8500.2 - Common Access Card (CAC)
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
DODI <strong>8500.2</strong>, February 6, 2003<br />
E4.T4. Levels of Total System Exposure and Operating Environment Robustness by Confidentiality<br />
Level<br />
Confidentiality<br />
Level<br />
Level of Internal<br />
System Exposure<br />
Level of External<br />
System Exposure<br />
Level of Total<br />
System Exposure<br />
High Low Low Low High<br />
Medium Low Medium Medium Medium<br />
Basic Low N/A Low Basic<br />
Level of Operating<br />
Environment<br />
Robustness<br />
E4.1.9. Each <strong>DoD</strong> information system shall be reviewed against the mission<br />
assurance category definitions provided in enclosure 2 of this <strong>Instruction</strong> and assigned<br />
to a mission assurance category. Each <strong>DoD</strong> information system shall be assigned a<br />
confidentiality level based on the classification or sensitivity of the information<br />
processed. The assigned mission assurance category and confidentiality level shall be<br />
used to determine the applicable IA Controls from Table E4.T2. These IA Controls<br />
shall constitute the baseline requirements for IA certification and accreditation or<br />
reaccredidation.<br />
Attachments - 6<br />
E4.A1. Mission Assurance Category I Controls for Integrity and Availability<br />
E4.A2. Mission Assurance Category II Controls for Integrity and Availability<br />
E4.A3. Mission Assurance Category III Controls for Integrity and Availability<br />
E4.A4. Confidentiality Controls for <strong>DoD</strong> Information Systems Processing<br />
Classified Information<br />
E4.A5. Confidentiality Controls for <strong>DoD</strong> Information Systems Processing Sensitive<br />
Information<br />
E4.A6. Confidentiality Controls for <strong>DoD</strong> Information Systems Processing Public<br />
Information<br />
53 ENCLOSURE 4