Level of confidentiality
Assign topic to the user
Answer:
This quote is from our Classification Policy template, and this means that when classifying information, you should always take the lowest level of classification. This is because the higher the classification level, the more you will have to pay for the protection.
According to our Classification Policy template, the lowest level of confidentiality is "Internal use", however this is not mandatory according to ISO 27001.
See also this article: Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/
Comment as guest or Sign in
Jun 17, 2016