Guest
Asset Classification Best Practices
Asset Classification Best Practices
Assign topic to the user
ISO 27001 INFORMATION CLASSIFICATION POLICY
Define the classification levels and how to protect the information.
Get it now 
ISO 27001 INFORMATION CLASSIFICATION POLICY
Define the classification levels and how to protect the information.
Get it now
ISO 27001 INFORMATION CLASSIFICATION POLICY
Define the classification levels and how to protect the information.
Get it now
Expert
Rhand Leal
Mar 04, 2021
Good practice suggests that information assets classification should be done through a four-step process:
- information assets should be entered in an Inventory of Assets, so you know which assets to protect
- information assets should be classified, considering their value to the organization and the impact if compromised
- information assets should be labeled, so people can identify their classification
- information assets should be handled in a secure way, considering their classification level
For further information, see:
- Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/
- How to handle Asset register (Asset inventory) according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/
These materials will also help you regarding risk assessment and information classification:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Mar 04, 2021
Mar 04, 2021
Mar 04, 2021