OnBoarding – Level of Risk Designation
Author: OHCM --- Rev. 12.01.2010
Individual’s Name: _____________________________________________________________
Personal Email Address: ________________________________________________________
Indicate the Level of Risk for “Physical” and “Logical” Access for the individual onboarding.
Physical Risk will be measure on a scale of 0 to 60 (Place a check mark √ next to the appropriate Scale #)
√ Scale Description
0 No access to NASA Facilities - this user only needs access to NASA's IT Resources - "IT Only".
Public Access Only - a user needs the ability to roads, attend "open" events. Generally non-
10 work affiliations
Access to Unrestricted, General Facilities - this user needs access to "open" facilities like
20 daycare and gyms that are generally non-work affiliation requirements.
Access to Restricted/Controlled Facilities - this user needs access to administrative facilities
30 to achieve work affiliation requirements.
Access to Limited/MEI Facilities - this user needs access to identified MEI facilities. This
access normally includes additional approval and training; please see center procedures for
40 this access.
Access to Closed/Classified Facilities - this user needs access to NASA Classified Facilities.
This user will need to have a completed background investigation and clearance before
50 access will be granted.
Logical Access Risk will be measured on a scale of 00 to 60 (Place a check mark √ next to the appropriate
√ Scale Description
0 No IT Access - this user only needs access to NASA Facilities.
10 Low Risk - This access presents very low risk to the Agency. (e.g., SATERN, WebEx)
Low Risk - The user will need access to basic tools such as: E-mail, desktop applications and
20 access to their own privacy data.
Moderate Risk - This user will need access to sensitive data such as: Other people’s privacy
30 data, SBU data, ITAR/EAR.
High Risk - This user will need access to operate command and control systems, human flight,
40 and human safety systems.
Very High Risk - This user will need access to classified systems. The user will need to have a
50 completed background investigation and clearance before access will be granted.
Page 1 of 1 OHCM Doc: document1