18 lines
1.3 KiB
Markdown
18 lines
1.3 KiB
Markdown
**Definition:**
|
|
"A *data classification* identifies the value of the data to the organization. Classification labels, the method by which they are assigned, and the required protection associated with the different labels, are identified in a policy."
|
|
Source: [CISSP_OSG_Chapter_5](../Standards/CISSP/CISSP_OSG_Chapter_5.md#Defining%20data%20Classifications)
|
|
|
|
Classification criteria should be risk based, for instance on potential damage to the organization, the privacy of individuals, national security, economic interests, or other critical concerns.
|
|
|
|
See also:
|
|
[Datatags System](../Literature%20notes/Datatags%20System.md)
|
|
[Def_Sec_Handbook_Chapter_2](../Literature%20notes/Def_Sec_Handbook_Chapter_2.md#Information%20classification)
|
|
[ISO 27002:2022 NL A5.12](../Standards/ISO27x/OST/27002/NL/a-5.12-Classificeren-van-informatie.md)
|
|
[Designing an information management scheme](../Literature%20notes/Designing%20an%20information%20management%20scheme.md)
|
|
[Data classification examples from SANS forum](Data%20classification%20examples%20from%20SANS%20forum.md)
|
|
[Key Topics for a Classified Information Security Policy](Key%20Topics%20for%20a%20Classified%20Information%20Security%20Policy.md)
|
|
[Traffic Light Protocol (TLP)](../Literature%20notes/Traffic%20Light%20Protocol%20TLP.md)
|
|
|
|
|
|
|
|
|