Step 2: Select Provisional Impact Levels
In Step 2, organizations should establish provisional impact levels based on the identified information types in Step 1. The provisional impact levels are the original impact levels assigned to the confidentiality, integrity, and availability security objectives of an information type before any adjustments are made. Also in this step, the initial security categorization for the information type is established and documented.
Mission-Based Information Types
Management and Support Information Types
Service Delivery Support Information
Government Resource Management