ACP 122 (F) - Multilateral Planners Conference
ACP 122 (F) - Multilateral Planners Conference
ACP 122 (F) - Multilateral Planners Conference
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
UNCLASSIFIED<br />
<strong>ACP</strong> <strong>122</strong>(F)<br />
ensure that information required for operational support is available to the warfighter. The<br />
objectives of this policy are to ensure that:<br />
a. All sensitive information stored, processed, displayed or transmitted by combined<br />
CIS are safeguarded in a manner consistent with this publication and its<br />
subordinate publications,<br />
b. All sensitive assets, information and CIS products having intrinsic value to<br />
combined operational and management functions are safeguarded in a manner<br />
consistent with this publication and its subordinate publications, and<br />
c. The residual risk of compromise to sensitive information and assets is reduced to a<br />
level acceptable to the combined force.<br />
INFORMATION ASSURANCE ASSUMPTIONS<br />
207. The following are basic assumptions for IA:<br />
a. Info is always at risk from natural, accidental and deliberate actions; and<br />
b. It is not possible to ensure absolute protection of information.<br />
INFORMATION ASSURANCE OBJECTIVES<br />
208. The following are the objectives of IA:<br />
a. To protect information used in and for operational processes;<br />
b. To control access to information by ensuring appropriate clearances are obtained<br />
and need-to-know principles are applied;<br />
c. To provide the appropriate degree of information protection as determined by the<br />
criticality and security classification of the information; and<br />
d. To verify a consistent approach to the protection of information.<br />
INFORMATION ASSURANCE PRINCIPLES<br />
209. The following security principles will need to be considered:<br />
a. Assurance of Protection. CIS handling sensitive information shall provide<br />
assurance that its security functionality will perform consistently as specified.<br />
Both automated and manual techniques shall be employed regularly to verify that<br />
all required security mechanisms and procedures are invoked and operating<br />
properly;<br />
2-2 Original<br />
UNCLASSIFIED<br />
(Reverse Blank)