Impact Level

Get Certified Get Ahead

The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of information, or loss of information or information system availability. 

See CNSSI 4009-2015 (NIST SP 800-30 Rev. 1) under Impact Level (CNSSI 4009) for more information.  
Refers to the three broadly defined impact-levels in [FIPS 200] that categorize the impact of a security breach as Low, Moderate or High.

See NIST SP 800-152 under Impact-level for more information. 
High, Moderate, or Low security categories of an information system established in FIPS 199 which classify the intensity of a potential impact that may occur if the information system is jeopardized. 

See  NIST SP 800-34 Rev. 1 under Impact Level for more information. 

Share this Post