Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Guest

A.6.2 Mobile Device and Teleworking Policy

  Quote
Guest
Guest user Created:   Apr 07, 2020 Last commented:   Apr 07, 2020

A.6.2 Mobile Device and Teleworking Policy

Our team has recently started to look into the documents from the package.
At this moment I am trying to start working on the “A.6.2 Mobile Device and Teleworking Policy”. In this document, there’s a point which says:

"protection of sensitive data must be implemented in accordance with the [Information Classification Policy]"

Can you please provide some guidance hear, what should we add in information Classification Policy or what kind of techniques can help us to Implement this Process?
Can you please help us with it document at the earliest possible.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 07, 2020

Please note that your toolkit already contains a template for the Information Classification Policy, located on folder 08 Annex A Security Controls >> A.8 Asset Management

Basically, the process for information classification should cover these steps:

  • Inventory information: know which classified information you have in your possession, and who is responsible for it
  • Classify information: give a degree of classification according to the value of information
  • Label information: how the information classification is known by users
  • Handle information: rules on how to protect each type of information depending on the classification level

This article will provide you further explanation about Information classification according to ISO 27001:

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Apr 07, 2020

Apr 07, 2020