Expert Advice Community

Home / ISO 27001 & 22301 / Level of confidentiality

Guest

Level of confidentiality

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jun 17, 2016 Last commented:   Jun 17, 2016

Level of confidentiality

ISO 27001 & 22301
"The basic rule is to use the lowest confidentiality level ensuring an appropriate level of protection, in order to avoid unnecessary protection costs." What does it mean? There are four confidentiality level, is the Confidential the lowest?
0 0

Assign topic to the user

ISO 27001 INFORMATION CLASSIFICATION POLICY

Define the classification levels and how to protect the information.

ISO 27001 INFORMATION CLASSIFICATION POLICY

Define the classification levels and how to protect the information.
Expert
Dejan Kosutic Jun 17, 2016

Answer:

This quote is from our Classification Policy template, and this means that when classifying information, you should always take the lowest level of classification. This is because the higher the classification level, the more you will have to pay for the protection.

According to our Classification Policy template, the lowest level of confidentiality is "Internal use", however this is not mandatory according to ISO 27001.

See also this article: Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 17, 2016

Jun 17, 2016

Suggested Topics
Guest user Created:   Aug 14, 2019 ISO 27001 & 22301
Replies: 1
0 0

Confidentiality level of a document
Guest user Created:   Jul 26, 2019 ISO 27001 & 22301
Replies: 1
0 0

SoA classification level
Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Documents and records