DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
Office of Assistant Administrator for Financial Services (ABA)

PRIVACY IMPACT ASSESSMENT

QLIKVIEW

April 2010

System Overview

The Federal Aviation Administration (FAA), within the Department of Transportation (DOT), has been given the responsibility to carry out safety programs to ensure the safest, most efficient aerospace system in the world. The FAA is responsible for:

Regulating civil aviation to promote safety;
Encouraging and developing civil aeronautics, including new aviation technology;
Developing and operating a system of air traffic control and navigation for both civil and military aircraft;
Developing and carrying out programs to control aircraft noise and other environmental effects of civil aviation; and
Regulating U.S. commercial space transportation.

One of the systems that helps the FAA fulfill this mission is the QLIKVIEW system, which serves as a centralized repository of historical financial information for the FAA which facilitates more efficient processing on the part of downstream financial systems.

Several organizations within the Office of Financial Reporting and Accountability (AFR) and ABA-20 contribute to and are involved in the cyclical financial audits conducted by external auditors. Auditors can be from the FAA External Auditing Firm or other Government Agencies authorized to conduct audits of the FAA. This process entails gathering transactional financial data from Delphi and other sources (i.e., the Federal Transit Agency for grant payments via Electronic Clearing House Operation (ECHO) Computer System) and applying various business rules to create Prepared By Client (PBCs) data sets for the auditors.

QLIKVIEW has only one interconnection; the Advanced Reporting System (ARS) data mart component of the Reporting, Analysis, and Distribution System (RADS). The RADS system is also owned by ABA and has a Privacy Impact Assessment prepared.

Personally Identifiable Information (PII) and QLIKVIEW

Within the FAA Office of the Chief Financial Officer the accounting department maintains the QLIKVIEW system. The QLIKVIEW system provides a view of accounting data by the financial department for reporting accounting data and other FAA financial transactions. The information is transferred from the Department of Transportation main accounting system Delphi and is subsequently loaded into QLIKVIEW and held in memory. No data is entered into the system by any user.

The QLIKView system contains PII and non-personally identifiable information pertaining to FAA employees and businesses/persons that have paid money to or received money from the FAA. This information includes:

Full Name
Credit Card Number
Home Address
Business Address

Why QLIKVIEW Collects Information

QLIKVIEW collects information in order for system users to perform analysis of budget, financial, and performance management functions of FAA financial systems.

How QLIKVIEW Uses Information

Information in QLIKVIEW is primarily used by the FAA financial information community who are tasked with providing budget, financial, and performance management data of FAA financial systems as requested by individuals who are authorized to audit the FAA.

How QLIKVIEW Shares Information

PII contained in QLIKVIEWS is shared with the FAA’s outside auditing firm. Authorized users access finalized QLIKVIEW data, as it is stored in system memory, and therefore accessible as “read-only”. QLIKVIEW employs a “least privilege” to safeguard the PII in the database. Privileges to access the system is reviewed on an annual basis.

How QLIKVIEW Provides Notice and Consent

For an individual’s PII to be included in the QLIKVIEW system, that individual must:

Have paid money to the FAA.
Have received money from the FAA.
Be an FAA employee who has had travel orders or reimbursement voucher.
Be an FAA employee who has purchased with an FAA purchase card or made a purchase request.
Be an FAA employee who has entered data into the Delphi accounting system.
Be an FAA employee who is the project manager of a FAA project.

The QLIKVIEW system is a copy of the ARS data mart stored in the server’s memory. For rapid analysis ARS information is stored in computer memory, as opposed to the disk based Storage Area Network employed by ARS. The origin of ARS data is Delphi. The Delphi PIA states that “Entry of PII into Delphi is a necessary condition of any employment relationship, payment, or other financial transaction with DOT.”

How QLIKVIEW Ensures Data Accuracy

The QLIKVIEW system is a copy of the ARS accounting system data for the FAA financial transactions. Information is transferred from Delphi and loaded into ARS as an automated electronic data feed. QLIKVIEW subsequently receives a copy of this information. No data is entered into the system by any user. When data is loaded into QLIKVIEW the data is checked to ensure it loaded properly from the Delphi using accounting transaction totals, not PII. No verification is done regarding the accuracy of the PII data values in the source file other than what is provided by the Delphi accounting system.

Individuals may request searches to determine if any records have been added that may pertain to them. Since the QLIKVIEW system is a copy of the Delphi accounting system data, it is not the official system of record for the data. Any requests under the Privacy Act should be directed to the official system of record, Delphi.

How QLIKVIEW Provides Redress

Since the QLIKVIEW system is merely a copy of the Delphi accounting system data, it is not the official system of record for the data. Any requests under the Privacy Act, including requests to correct information should be directed to the official system of record, Delphi.

Upon written notification to the ABA-20 program office by the official system of record, Delphi that a correction of personal information has been made to that system in response to a Privacy Act request, a similar change will be made in the QLIKVIEW system.

For questions relating to privacy go to the FAA Privacy Policy: http://www.faa.gov/privacy/

How QLIKVIEW Secures Information

QLIKVIEWS takes appropriate security measures to safeguard PII and other sensitive data.

QLIKVIEWS utilizes a proprietary third party database that encrypts the logon process and stores the account passwords in an encrypted format.
AMI employs automated tools, such as FoundStone Enterprise and Nmap on the AMC Domain to identify technical vulnerabilities and manage system patches.
Symantec Antivirus Corporate Edition (SAV CE), with the latest virus pattern signatures, protects the QLIKVIEW’s data and program integrity from problems introduced by malicious code.
The FAA Enterprise Network (ENET) security services defend against external threats (those originating from the Internet) thereby protecting the FAA internal networks infrastructure. This significantly reduces the potential risks introduced by intentional human threats and malicious code threats originating from outside of the FAA’s network.
Implementation of various operational and technical controls assures user accountability, including: annual user security awareness training, user acknowledgement and adherence to the Rules of Behavior, interconnection agreement or Memorandum of Understanding (MOUs) with downstream systems, and the system administrators regularly reviewing the system/application logs for anomalous activity. There have been no known violations that would require disciplinary action to date.

In addition, access to QLIKVIEW PII is limited according to job function. QLIKVIEW access control privileges are set according to the following roles:

Data subscribers (External Auditors)
System administrators
Database administrators

The matrix below describes the levels of access and safeguards around each of these roles as they pertain to PII.

Role	Access	Safeguards
Data Subscribers	Read-Only access to Qlikview data	Requires all users to have a User ID and Password Users automatically inactivated after 90 days System Administrator review of access activities Prescribed password parameters (e.g., length, character type). Password data is encrypted.
System Administrators	Search and view user names and profile information Grant Data Subscriber accounts, reset account passwords, view system log	Administrators required to have user ID and Password Required on-going security training
Database administrators	Search and view user names and profile information Grant Database Administrator accounts, reset account passwords, view system log information Delete profiles (without viewing full profile information)	Requires all users to have a User ID and Password. Users automatically inactivated based upon agency-defined rules. Users automatically inactivated after a prescribed number of failed login attempts. Passwords expired after a user-defined time period. Prescribed password parameters (e.g., length, character type). Password data is encrypted. System level configuration

In addition the requirements of the Federal Information Security Management Act of 2002 (FISMA), a Security Certification and Accreditation (C&A) was completed for QLIKVIEW. The C&A process is an audit of policies, procedures, controls, and contingency planning, required to be completed for all federal government IT systems every three years. All relevant policies, procedures and guidelines, including NIST Special Publication 800-53, have been followed to ensure the security of the system and the information it contains.

How Long QLIKVIEW Retains Information

Data in the QLIKVIEW system is maintained as outlined in the FAA Records Management Order 1350.15C. For reporting information relating to financial information in the form of reports and analysis of financial actions the cut off is at the end of the fiscal year in which records supports. Destroy seven years after cut off in accordance with applicable federal standards or in accordance with limitations on civil actions by or against the U.S. Government (28 U.S.C. 2401 and 2415) if no longer required for business purposes.

System of Records

QLIKVIEWS is not a system of records subject to the Privacy Act because it is not designed to be searched by name, SSN, address, phone number, or any other personally identifiable field. Although those fields exist in the database, the system is designed to be searched by date A current Certification and Accreditation package in accordance with NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems; and FAA Order 1370.82A, Information Systems Security Program, as amended, has been prepared for QLIKVIEW and Authority to Operate has been signed by Mark Bruno, Chief Information Officer for the Office of Finance, ABA-020.