Sample Asset Information Handling Standard

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search

Sample Asset Information Handling Standard

This Information Handling Standard builds on the objectives established in the Asset Protection Standard, and provides specific instructions and requirements for handling information assets. These instructions address handling requirements for printed, electronically stored, and electronically transmitted information.

Objectives

The Company defines information classifications based on the sensitivity, criticality, confidentiality/privacy requirements, and value of the information. All information assets, whether generated internally or externally, must be categorized into one of these information classifications: Restricted, Confidential, Internal Use Only, or Public. When information of various classifications is combined, the resulting collection of information or new information must be classified at the most restrictive level among the sources. Specific instructions and requirements for classifying information assets are provided in the Sample Information Classification Standard.

All Restricted, Confidential, and Internal Use Only information must be labeled or marked with the appropriate information classification designation. Such markings must appear on all manifestations of the information. Specific instructions and requirements for labeling information assets are provided in the Sample Information Labeling Standard.

Document Examples

Use these samples as a guide for your policy development. Fully customizable versions are available from The Policy Machine.