Asset Classification and Control:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 17:08, 25 July 2006 by Mdpeters (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Asset Classification and Control

ISO 17799 defines Asset Classification and Control objectives to maintain appropriate protection of organizational assets and ensure that information assets receive an appropriate level of protection. This section provides templates for Information Security standards that are required to comply with ISO Asset Classification and Control objectives and support the objectives established in the Asset Identification and Classification Policy.

1. Sample ISO Information Classification Standard
The Information Classification Standard is required to comply with ISO Asset Classification and Control objectives, and builds on the objectives established in the Asset Identification and Classification Policy by providing specific requirements for classifying information assets.


2. Sample ISO Information Labeling Standard
The Information Labeling Standard is required to comply with ISO Asset Classification and Control objectives, and builds on the objectives established in the Asset Identification and Classification Policy by providing specific requirements for labeling information assets.