Asset Classification and Control:
Asset Classification and Control
ISO 17799 defines Asset Classification and Control objectives to maintain appropriate protection of organizational assets and ensure that information assets receive an appropriate level of protection. This section provides templates for Information Security standards that are required to comply with ISO Asset Classification and Control objectives and support the objectives established in the Asset Identification and Classification Policy.
- 1. Sample ISO Information Classification Standard
- The Information Classification Standard is required to comply with ISO Asset Classification and Control objectives, and builds on the objectives established in the Asset Identification and Classification Policy by providing specific requirements for classifying information assets.
- 2. Sample ISO Information Labeling Standard
- The Information Labeling Standard is required to comply with ISO Asset Classification and Control objectives, and builds on the objectives established in the Asset Identification and Classification Policy by providing specific requirements for labeling information assets.