Ver:
An analysis of how
information is handled:
(i) to ensure
handling conforms to applicable legal, regulatory, and policy requirements
regarding privacy;
(ii) to determine
the risks and effects of collecting, maintaining, and disseminating information
in identifiable form in an electronic information system; and
(iii) to examine
and evaluate protections and alternative processes for handling information to
mitigate potential privacy risks. [OMB Memorandum 03-22]
[NIST-SP800-53:2013]
An analysis of
how information is handled 1) to ensure handling conforms to applicable legal,
regulatory, and policy requirements regarding privacy; 2) to determine the
risks and effects of collecting, maintaining, and disseminating information in
identifiable form in an electronic information system; and 3) to examine and
evaluate protections and alternative processes for handling information to
mitigate potential privacy risks. [CNSSI_4009:2010]
Temas relacionados