The Information Classification Procedure describes the actions necessary to comply with the Company’s Information Security Policy and Information Classification Policy.
Security classifications are used to indicate the need and priorities for security protection.
Information has varying degrees of sensitivity and criticality. Some items may require an additional level of security protection or special handling. A security classification system is used to define an appropriate set of security protection levels and to communicate the need for special handling measures to users.
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. REQUIREMENTS
3.1 PRINCIPLES OF CLASSIFICATION SCHEME AND HANDLING
3.2 CLASSIFICATION MARKINGS
3.3 HANDLING DIRECTIVES/MODIFIERS
3.4 CLASSIFICATION SECURITY MEASURES
4. RESPONSIBILITIES
5. EXCEPTIONS
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
Pages: 12
This bundle contains all the products listed in the Data Governance section. Take advantage of the 25% OFF when buying the bundle!
The techniques of dual control and segregation of duties have to be implemented to enhance the control over activities wherever the risk and impact of an IT Security incident would likely result in financial or other material damage to the organization.
The Antivirus Policy and Guideline Work Instruction describes the measures taken by the Company to protect the company IT Office systems (PC, Laptop, Servers) against viruses, spyware, trojans and other malware.
Review Information Classification Procedure.
You must be logged in to post a review.