The purpose of this standard is to assist Users, Stewards, Managers, and Information Service Providers in identifying what level of security is required to protect data for which they are responsible.