1-3 Importance of Certification and Accreditation

The C&A process provides Postal Service business owners with a consistent method for making informed decisions on managing security risks related to their information resources. Benefits include the following:

  1. A structured view of the potential risks associated with information resources and the relationships among business partnerships.
  2. Determination of sensitivity which is the degree to which the Postal Service must protect the confidentiality and integrity of information. Levels of sensitivity are sensitive-enhanced, sensitive, and nonsensitive.
  3. Determination of criticality which is the degree to which the Postal Service must provide for continuous availability of information and the protection of the health and safety of personnel. Levels of criticality are critical and noncritical.
  4. Documentation of the information security controls and processes needed to protect the confidentiality, integrity, and availability of Postal Service information resources.
  5. Systematic approach to the initial and periodic test of those controls and processes.
  6. The development of standard operating procedures and training.
  7. Protection of the privacy of employees and customers. Privacy is the protection afforded individuals and customers from the collection, storage, and dissemination of information about themselves and possible compromises resulting from unauthorized release of that information.
  8. Protection of Postal Service assets and brand.
  9. Compliance with the intent of applicable federal laws and regulations.
  10. Current status of each application and deliverable.
  11. Automated archival repository for deliverables and letters.