Sample Information Handling Standard:: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
No edit summary
 
Line 65: Line 65:
Image:Information Handling Standard(9).png|Information Handling Standard page ten of ten.
Image:Information Handling Standard(9).png|Information Handling Standard page ten of ten.
</gallery>
</gallery>
[[file:Information Handling Standard.png]]
[[file:Information Handling Standard(1).png]]
[[file:Information Handling Standard(2).png]]
[[file:Information Handling Standard(3).png]]
[[file:Information Handling Standard(4).png]]
[[file:Information Handling Standard(5).png]]
[[file:Information Handling Standard(6).png]]
[[file:Information Handling Standard(7).png]]
[[file:Information Handling Standard(8).png]]
[[file:Information Handling Standard(9).png]]

Latest revision as of 18:18, 23 January 2014

Sample Information Handling Standard

This Information Handling Standard builds on the objectives established in the Asset Protection Standard, and provides specific instructions and requirements for handling information assets. These instructions address handling requirements for printed, electronically stored, and electronically transmitted information.

Objectives

A. Printed Information


1. All printed information shall be handled based on its confidentiality classification. A description of handling requirements for each confidentiality classification category is provided in the following table:


RestrictedConfidentialInternal Use OnlyPublic
Labeling
Intra-Company or Office Mail
Duplication
Mailing of Documents
Disposal
Storage


B. Electronically Stored Information


1. All electronically stored information shall be handled based on its confidentiality classification. A description of handling requirements for each confidentiality classification category is provided in the following table:


RestrictedConfidentialInternal Use OnlyPublic
Labeling (application or screen)
Labeling (electronic media)
Stored on fixed media with access controls
Stored on fixed media without access controls
Storage on removable media
Disposal of electronic media
Disposal of information


C. Electronically Transmitted Information


1. All electronically transmitted information shall be handled based on its confidentiality classification. A description of handling requirements for each confidentiality classification category is provided in the following table:


RestrictedConfidentialInternal Use OnlyPublic
Local Area Network
Wide Area Network
Non-Secure/Public Networks
Electronic Mail
Fax
Voice-Mail


Document Examples

Use these samples as a guide for your policy development. Fully customizable versions are available from The Policy Machine.