Information classification

Objective: To ensure that information assets receive an appropriate level of protection.

Security classifications should be used to indicate the need and priorities for security protection.

Classification guidelines

Protection for classified information should be consistent with business needs. Classifications should show the value, sensitivity and criticality of the asset.

Information labelling and handling

Classified information and outputs from systems handling organisationally classified data should be labelled and handled appropriately according to their classification.

Commentary
Things to Watch

An Introduction To Information, Network and Internet Security
Information classification Objective: To ensure that information assets receive an appropriate level of protection. Security classifications should be used to indicate the need and priorities for security protection. Classification guidelines Protection for classified information should be consistent with business needs. Classifications should show the value, sensitivity and criticality of the asset. Information labelling and handling Classified information and outputs from systems handling organisationally classified data should be labelled and handled appropriately according to their classification. Commentary Things to Watch	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security