ML19246A144

From kanterella
Jump to navigation Jump to search
Fix-It / Clean-It
ML19246A144
Person / Time
Issue date: 09/03/2019
From: Anna Mcgowan
NRC/OCIO
To:
References
Download: ML19246A144 (5)
v  d  e


Text

ML19246A144 PTA Template (04-2019) 1 Privacy Threshold Analysis (To be used to determine whether a privacy impact assessment is required in accordance with the E-Government Act of 2002.)

Date submitted for review: July 9, 2019 Name of Project/System: FIX-IT/Clean-It Sponsoring Office: Office of Administration (ADM)

Project manager name and phone number:

Business Manager - Richard Branch (301-415-8389)

Technical POC - Karen Cudd (301-415-5362)

1) Describe (in detail) the project/system and its purpose:

FIX-IT/Clean-It is a portal that can be accessed via an Internet browser. It enables employees to report building problems, for example problems relating to heating, air conditioning, lighting, trash pickup, cleaning, pest control, electrical, or plumbing.

Corrigo manages and owns both the software and hardware from their headquarters and serves as an external system service provider (ESP). CorrigoNet service management software streamlines maintenance operations and service management of NRC facilities (e.g., door or refrigerator repair) by coordinating work-orders between all the players in the service delivery process: customers, service and dispatch agents, technicians and vendors, and NRC management. The facilities contractors, Warren Wiggins Contractors (WWC),

reside onsite during work hours and possess an NRC clearance. The WWC serve as the system administrator on behalf of the NRC.

2) What agency function does it support:

Facilities Management

3. Status:

New development effort.

Existing system.

Date first developed: June 6, 2003 Date last updated: July 9, 2019

ML19246A144 PTA Template (04-2019) 2 o Provide a general description of the update:

PTA was updated as part of the implementation and security assessment for the FIT-IT/Clean-It service. System information remains the same.

4. Do you have an NRC Enterprise Architecture (EA)/Inventory number?

Yes

1. If yes, please provide Enterprise Architecture (EA)/Inventory number.

20060046

2. If no, please contact EA Service Desk to get Enterprise Architecture (EA)/Inventory number.
5. Could the project/system relate in any way to individuals?

No Yes Provide a general description of the way the project could relate to an individual.

N/A

6. Does this project collect, process, or retain information on: (Check all that apply)

NRC employees?

Other Federal employees?

Contractors working on behalf of NRC?

Members of the public or other individuals?

System does not contain any such information.

7. Does this project use or collect Social Security Numbers (SSNs)? (This includes truncated SSNs, such as the last four.)

No Yes Why is the SSN collected or used? Provide the function of the SSN and the legal authority to do so.

ML19246A144 PTA Template (04-2019) 3 N/A Is the SSN full or partial SSN?

N/A

7. What information about an individual could be collected, generated or retained?

Provide a detailed description of the information that might be collected, generated, or retained such as names, addresses, phone numbers, etc.

NRC employee/contractor names, office/cubicle locations, office emails and office phone numbers

8. Does the system share personally identifiable information with any other NRC systems?

No Yes Identify the systems:

N/A

9. Does this system relate solely to infrastructure? [For example, is the system a Local Area Network (LAN) or Wide Area Network (WAN)]?

No Yes If yes, is there a log kept of communication traffic?

N/A If yes, what type of data is recorded in the log? List the data elements in the log.

N/A

10. Can the system be accessed remotely?

No Yes If yes, how?

ML19246A144 PTA Template (04-2019) 4 This service request website can be accessed remotely via the Internet

11. Can you map this system to an applicable retention schedule in NRCs Comprehensive Records Disposition Schedule(NUREG-0910), or NARAs General Records Schedules?

Yes If yes, please provide the schedule number, approved disposition, and describe how this is accomplished No If no, please contact the Records and Information Management (RIM) staff at ITIMPolicy.Resource@nrc.gov.

12. Is there an Authority to operate record?

Unknown No In progress Yes: Indicate the impact levels approved by CSO - Computer Security Organization for the following:

Confidentiality:

Low Moderate High Undefined Integrity:

Low Moderate High Undefined Availability:

Low Moderate High Undefined

ML19246A144 PTA Template (04-2019) 5 PRIVACY THRESHOLD ANALYSIS REVIEW (To be completed by: Information Services Branch, Governance &

Enterprise Management Services Division, Office of the Chief Information Officer)

System Name: FIX-IT/Clean-It Date reviewed: September 5, 2019 Name of the reviewer: Sally A. Hardy, Privacy Officer

_X_

No, this is NOT a privacy sensitive system - the system contains no personally identifiable information.

Yes, this IS a privacy sensitive system. A privacy impact assessment is required.

COMMENTS:

I concur with this analysis:

/RA/

Date: September 6, 2019 Anna T. McGowan, Chief Information Services Branch Governance & Enterprise Management Services Division Office of the Chief Information Officer

Retrieved from "https://kanterella.com/w/index.php?title=ML19246A144&oldid=4893525"