Sample Asset Identification and Classification Standard:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 15:20, 13 January 2014 by Mdpeters (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Sample Asset Identification and Classification Standard

The Asset Identification and Classification Standard define Company objectives for establishing specific standards on the identification, classification, and labeling of Company information assets.

Objectives

The Company defines information classifications based on the sensitivity, criticality, confidentiality/privacy requirements, and value of the information. All information assets, whether generated internally or externally, must be categorized into one of these information classifications: Restricted, Confidential, Internal Use Only, or Public. When information of various classifications is combined, the resulting collection of information or new information must be classified at the most restrictive level among the sources. Specific instructions and requirements for classifying information assets are provided in the Sample Information Classification Standard.

All Restricted, Confidential, and Internal Use Only information must be labeled or marked with the appropriate information classification designation. Such markings must appear on all manifestations of the information. Specific instructions and requirements for labeling information assets are provided in the Sample Information Labeling Standard.

Document Examples

Use these samples as a guide for your policy development. Fully customizable versions are available from The Policy Machine.