Expert Advice Community

Guest

How to Implement Information Classification in a Dept.

  Quote
Guest
Bills Created:   Jan 06, 2020 Last commented:   Jan 07, 2020

How to Implement Information Classification in a Dept.

Hi

I want to implement data classification in a dept. I should know how to approach this practice? What are the things and documents that I should consider for this classification. I already have information classification procedure which has levels of the classification defined but that is not implemented on the ground

I want to start the implementation and want to cover both structured and unstructured data.

Please advise

Thanks

 

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 07, 2020

Since you already have an information classification procedure, you first should review the document to see if it:
Considering ISO 27001, to implement the operational steps of a document (e.g., policies and procedures), you need to:
- properly covers legal and contractual requirements your organization must fulfill(e.g., laws, regulations, contracts which demand information classification)
- properly covers the results of your risk assessment
- is optimized and aligned with your other document(s)

Once you ensure the document is properly structured and written, and approved, you should consider developing some examples and training material to explain to your employees why such a policy or procedure is necessary and how to classify information. As an example on how to explain this process, please see: Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/

For further information, please see:
- Seven steps for implementing policies and procedures https://advisera.com/27001academy/knowledgebase/seven-steps-for-implementing-policies-and-procedures//

This material will also help you regarding elaborating documents:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 06, 2020

Jan 07, 2020