What controls are in place to protect the data and prevent unauthorized access?
Some data is consolidated based on requirements. However, rather consolidated or not the following controls are in place to protect our data.
Privacy Impact Assessment for Guaranteed
The applications capability to establish access control lists (ACL) or registers is based upon the basic security setup of the operating system.
Application users are restricted from accessing the operating system, other applications, or other system resources not needed in the performance of their duties via access
given to User IDs limited to what is needed to perform their job.
The controls used to detect unauthorized transaction attempts are security logs/audit trails.
Users are required to have password- protected screensavers on their PC’s to prevent unauthorized access.
5. Warning banners are used to warn and inform users who sign on to the system that this is a secure and
private network. Warning banners are in compliance with USDA guidelines.
Quarterly verifications reports are produced and required to be reviewed
...... bY !:be respoqs b e ~o nt of Contact f ~F~C),bag~diaht~igabiz~tioi~!’
Are processes being consolidated?
 Yes  No If NO, go to question 14.
What controls are in place to protect the data and )revent unauthorized access?
NIST SP 800-53 Security Controls are discussed in detail in the System Security Plan.
How long is the data retained whether it is on paper, electronic, in the system or in a backup?
What are the procedures for purging the data at the end of the retention period?
2,3 Data Retention
 Yes  No - IfNO, go to question 15.
Question Is the data periodically purged from the system?
Date: July 16, 2009