Federal Data Registry (FDR)

Rules of Behavior and Acknowledgement

1. Responsibilities
Read this document and sign it.
This document describes the responsibilities and expectations of every user with access to
FDR information resources, such as applications, computers, and networks. A user is
defined as any Federal employee, contractor, subcontractor, consultant, or partner aviation
personnel who are authorized to develop, design, maintain, supervise, operate, inspect, or
otherwise interact with the FDR directly or indirectly from any location. Each user must
agree to observe these rules as a condition of initial or continued access to the FDR.
Non-compliance with these rules will be enforced by the FDR system administrators, FDR
Registrar, or appropriate management or supervisory personnel through measures
commensurate with the level of infraction. This might include removal of system access
privileges for a certain period of time, reassignment to other duties, verbal or written
warning, or termination, depending on the severity of the violation. Federal law provides for
punishment consisting of a fine under Title 18, U.S. Code and up to 10 years in jail for
anyone who intentionally accessing a government information system without authorization,
and alters, damages, or destroys information, or prevents authorized use of the system
This documented is supplemented by a supporting Detailed Rules of Behavior document
(ftp://ftp.tc.faa.gov/FDR/FDR-Detailed-Rules-of-Behavior-v1-3.doc) which provides further
explanation and details of the rules and requirements cited herein. You must read these
detailed rules before acknowledging the FDR Rules of Behavior below.
If there is anything in this document that you do not understand, contact FDR personnel
listed in the Detailed Rules of Behavior to obtain clarification. You must sign this document
and return it to the FDR Registrar, to indicate that you have read it and that you agree to
comply with these rules.
2. Policies and Procedures
This document and the supplemental Detailed Rules of Behavior do not replace or add to
existing policies and procedures. Rather they further supplement, articulate and are
consistent with existing Federal, DOT and FAA policies, procedures, and practices.
3. Application and Organization Rules
You must read the supporting Detailed Rules of Behavior (FDR-Detailed-Rules-of-Behavior-
v1-3.doc) for further explanations of the following FDR Rules. (Download it to the same
folder as this document for the hyperlinks to work properly)
Introduction – This sumarrizes the basis for these rules of access
Rights and Responsibilities
Be familiar with Information Systems Security policy and procedures
Know your rights and responsibilities
Know who is responsible for information system and its security.
Be familiar with system documentation and each system’s security requirements
Participate in required security training

671528716.doc Page 1 of 2
 FDR Rules of Behavior and Acknowledgement
Other Policies and Procedures-Applicable Laws, Regulations, Policies, etc.
Comply with Federal and FAA Laws, Regulations and Policies
Use government computers and equipment only for intended and authorized purposes
Handle and Protect Sensitive Materials appropriately
Do not discuss with or disclose data to anyone but authorized persons.
Never leave your workstation logged on when unattended
Never change your computer configuration without appropriate coordination
Comply with all Copyright restrictions
Ensure a safe and secure working environment that prevents corruption, disruption or
unauthorized access of federal resources and data
Protect Security Measures and Report Security events and incidents.

Application Rules
Follow approved password and account management procedures
Comply with your access privileges
Use Information Systems in a manner that justifies trust and confidence
4. Acknowledgment
I understand that Federal law provides for punishment under Title 18, U.S. Code, including a
fine and up to 10 years in jail for the first offense for anyone who:
a. Knowingly accesses an information system without authorization, or exceeds
authorized access, and obtains information that requires protection against
unauthorized disclosure.
b. Intentionally, without authorization, accesses a government information system and
impacts the government’s operation, including availability of that system.
c. Intentionally accesses a government information system without authorization, and
alters, damages or destroys information therein.
d. Prevents authorized use of the system or accesses a government information system
without authorization, or exceeds authorized access, and obtains anything of value.
My signature below indicates that I have read, understood, and will comply with the rules
and requirements in the previous pages. I also understand that failure to comply with the
requirements may result in disciplinary action.

User Name (please print)_____________________________________

User Signature_____________________________________________

Organization_______________________________________________

Date_____________________________________________________

671528716.doc Page 2 of 2