Data classification and labelling
Assign topic to the user
Answer: Data classification and labelling are ISO 27001 controls applied to protect information (controls A.8.2.1 and A.8.2.2 respectively). Information classification is used to segregate information according to their value to the organization and to define which type of controls should be applied to protect its confidentiality, integrity and availability during their life cycle (e.g., information with high classification may be gathered only by a certain people, and must be recorded only with electronic media). Labelling is used to allow people to identify the classification of an information, so they can handle them according to the specified rules.
This article will provi de you further explanation about data classification and labelling:
- Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/
These materials will also help you regarding data classification and labelling:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Mar 16, 2017