Skip to main contentAbout USAID Locations Our Work Public Affairs Careers Business / Policy
USAID: From The American People Privacy and Security Multi-grade schools and scholarships give girls a real opportunity to learn in Egypt - Click to read this story

Privacy Policy »
Privacy Act (PDF) »
Privacy Program »
Privacy Impact Assessments »
Systems of Records Notices (SORNs) »
Automated Directives System »
Freedom of Information Act »
 
USAID Email Contacts

Search




You are here » Home »

Information System Security Line of Business - Tip of the Day

UNITED STATES AGENCY FOR INTERNATIONAL DEVELOPMENT
Information System Security Line of Business (ISS LOB)
Security Tip of the Day (TOD)
Privacy Impact Assessment (PIA)

OVERVIEW

The USAID Privacy Office, in conjunction with the Bureau for Management, Office of the Chief Information Security Officer, conducted a PIA of the Security TOD application. Security TOD is the application which provides agency-wide, day-to-day awareness training for all USAID personnel. Security TOD is a GOTS application.

Comments or questions about TOD should be addressed to: Philip M. Heneghan, Chief Information Security Officer, United States Agency for International Development, 1300 Pennsylvania Avenue, N.W., RRB, 2.12-003, Washington, D.C. 20523-2052.

INFORMATION COLLECTION (WHAT)

USAID uses Security TOD to provide agency-wide, day-to-day information security awareness training to all personnel who have access to the USAID General Support System, AIDNet. TOD application uses two data elements, name and network user id, when combined can be considered personally identifiable information.

INFORMATION COLLECTION (WHY)

Security TOD uses network user id to log who has received a tip and the response to the tip.

AGENCY INTENDED USE

TOD uses the user id to aggregate monthly reports on the number of users receiving awareness training and to validate that users are receiving specific quantities of training.

INFORMATION SHARING

Security TOD does not share information externally or with any other USAID information systems.

NOTICE OF OPPORTUNITIES FOR CONSENT

The awareness training provided is required to meet the Federal awareness training requirements; therefore, there are no opportunities for consent to decline.

INFORMATION SECURITY

Administrative controls include information security training before access to the network is provided. Thereafter, information security awareness training is provided through this system. In addition, all employees and contractors obtaining access to USAID's information systems must meet the vetting requirements outlined in Homeland Security Presidential Directive 12 before obtaining a network account.

Technical controls include user ID and password. Access is restricted to only those users with a required and stated business need.

Physical access to USAID space is controlled through the use of guards, card reader technology, identifications badges and cipher locks.

SYSTEM OF RECORDS NOTICE (SORN)

Security Tip of the Day does not require a system of records notice. While two data elements are maintained, the routine use and indexing requirements for data records that contain PII are not met in the day-to-day operation of the system.

Back to Top ^

 

About USAID

Our Work

Locations

Public Affairs

Careers

Business/Policy
 Digg this page : Share this page on StumbleUpon : Post This Page to Del.icio.us : Save this page to Reddit : Save this page to Yahoo MyWeb : Share this page on Facebook : Save this page to Newsvine : Save this page to Google Bookmarks : Save this page to Mixx : Save this page to Technorati : USAID RSS Feeds Star Home : What's New : FOIA Requests : Privacy Policy : Email This Page : Plug-ins : FAQs : Help Desk : Contact Us : Site Map Mon, 17 Dec 2007 15:58:37 -0500
 


Last Updated on: December 17, 2007