Information labelling
Assign topic to the user
Answer: This statement is only a recommendation. ISO 27001 control A.8.2.2 (Labeling of information) does not define any form of labeling, only that a labeling procedure must be defined and implemented (if the control is considered applicable). How to label information is an organization's decision. In cases where the implementation of labeling is not feasible, or it will require much effort or resources, an organization can define that labeling will not be applicable.
This article will provide you further explanation about informat ion handling:
- Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/
Comment as guest or Sign in
Oct 28, 2017