I. Technical Field
The present invention generally relates to determining security requirements to insure compliance with privacy requirements. More particularly, embodiments of the present invention relate to determining security requirements for an information resource based on a sensitivity level derived from privacy requirements of information maintained by the information resource.
II. Background Information
The United States Postal Service (USPS) is an independent government agency that provides mail delivery and other services to the public. The USPS is widely recognized as a safe and reliable means for sending and receiving mail and other items. With the advent and steady growth of electronic mail and electronic commerce, the physical mail stream will increasingly be utilized for sending and receiving packages and other items.
The USPS processes and delivers billions of items each year. In this large-scale item delivery system, information resources are used extensively. Consequently, determining security requirements for information resources is desired. Great inefficiencies are created in conventional security requirements processes because, for example, they do not consider many critical elements. Accordingly, determining security requirements remains an elusive goal. Thus, there remains a need for efficiently determining security requirements. In addition, there remains a need for efficiently determining security requirements for an information resource.