Tag: "Product: ISO 27001/Information Classification Policy" - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Information Classification Policy - “labeling” of information

    I am going through the documentation and have a question regarding the Information Classification Policy.

    More precisely regarding “labeling” of information. I would like to stick as close as possible to the default document.

    However, as a B2B communication agency almost all information we manage (and that is a lot) can be classified as “Internal use”.

    Is it ok to specify that all “(unlabeled)” or “INTERNAL” labeled information is to be considered “internal use”?

    So that we can avoid needing to label just about everything with the same label.

    Could can an alternative be to use “(unlabled)” for “internal use” and “public” for “public” assets?