The assessed potential impact resulting from a compromise of the confidentiality, integrity, or availability of an information type, expressed as a value of low, moderate, or high.
Source(s):
CNSSI 4009-2015 under impact value from NIST SP 800-30 Rev. 1

  The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of information, or loss of information or information system availability.
Source(s):
CNSSI 4009-2015 from NIST SP 800-30 Rev. 1
NIST SP 800-30 Rev. 1 under Impact Level from CNSSI 4009

  The assessed worst-case potential impact that could result from a compromise of the confidentiality, integrity, or availability of information expressed as a value of low, moderate or high.
Source(s):
NIST SP 800-171 Rev. 2 under impact value from FIPS 199
NIST SP 800-37 Rev. 2 under impact value
NIST SP 800-53 Rev. 5 under impact value from FIPS 199
NIST SP 800-172 under impact value from FIPS 199

  Refers to the three broadly defined impact-levels in [FIPS 200] that categorize the impact of a security breach as Low, Moderate or High.
Source(s):
NIST SP 800-152 under Impact-level

  High, Moderate, or Low security categories of an information system established in FIPS 199 which classify the intensity of a potential impact that may occur if the information system is jeopardized.
Source(s):
NIST SP 800-34 Rev. 1 under Impact Level

  See impact value.
Source(s):
NIST SP 800-37 Rev. 2

  The assessed worst-case potential impact that could result from a compromise of the confidentiality, integrity, or availability of information expressed as a value of low, moderate, or high.
Source(s):
NIST SP 800-53B under impact value from FIPS 199

  The assessed potential impact resulting from a compromise of the confidentiality of information (e.g., CUI) expressed as a value of low, moderate, or high.
Source(s):
NIST SP 800-171 Rev. 1 [Superseded] under impact value