Guest user Created: Jun 06, 2019 Last commented: Jun 06, 2019

Information classification policy

ISO 27001 & 22301

I need help on Information Security Classification Standard how can i do first draft and important materials.

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Jun 06, 2019

Answer:

ISO 27001 does not prescribe which categories to implement, so organizations are free to define the ones that best suit their needs, and these can either be based on legal requirements the organization must comply with (e.g., laws or regulations which define or recommend lists of categories), based on a framework developed by the organization itself, or based on market best practices. Examples of classification levels are:
- Secret and Top secret
- Unclassified
- Non sensitive

For further information about information classification, see: Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/

To see how an Information Classification Policy looks like, I suggest you to take a look at the free demos of our Information C lassification Policy at this link: https://advisera.com/27001academy/documentation/information-classification-policy/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jun 06, 2019

Expert Advice Community