Information Classification and Handling Policy Template

£100.00

The purpose of this policy is ensuring the correct classification and handling of information based on its classification. Information storage, backup, media, destruction and the information classifications are covered here. For each classification Information Guidance is provided, GDPR considerations, Information Examples, Document Marking, Information Controls and Destruction are covered.

For the document contents see the description below. A document extract is in the images to the left.

You may also like the full ISO 27001 policy template pack for all 26 ISO 27001 policies.

 

Information Classification and Handling Policy Template

Purpose

The purpose of this policy is ensuring the correct classification and handling of information based on its classification.
The information contained in the policy is summarised in the accompanying document: Information Classification Summary.xlsx

Scope

All company employees and external party users.
Personal Data as defined by GDPR.
Information that forms part of systems and applications deemed in scope by the ISO 27001 scope statement.

Principle

Information should be classified in terms of legal requirements, value, criticality and sensitivity to unauthorised disclosure or modification.

Information Classification and Handling Policy Template Contents

Document Version Control 2
Document Contents Page 3
Purpose 6
Scope 6
Information Classification and Handling Policy 6
Principle 6
Information Storage 6
Confidential Information Storage 7
Control of Devices and Media Containing Information 7
Information Back Up 7
Information Destruction 8
Destruction of Hard copy paper records 8
Destruction of Electronic Information 8
Destruction of Electronic media / devices 8
Information Classification 9
Confidential Information 10
Confidential Information Guidance 10
Confidential Information and GDPR 10
Confidential Information Examples 10
Confidential Information Document Marking 11
Confidential Information Controls 11
Confidential Information Destruction 12
Internal Information 13
Internal Information Guidance 13
Internal Information and GDPR 13
Internal Information Examples 13
Internal Information Document Marking 14
Internal Information Controls 14
Internal Information Destruction 14
Public Information 15
Public Information Guidance 15
Public Information and GDPR 15
Public Information Examples 15
Public Information Document Marking 15
Public Information Controls 15
Public Information Destruction 15
Policy Compliance 16
Compliance Measurement 16
Exceptions 16
Non-Compliance 16
Continual Improvement 16

High Table ISO 27001 Store

The High Table ISO 27001 store for ISO 27001 policies and ISO 27001 ISMS documents is built on 20 years of experience and real world usage, used to pass hundreds of ISO 27001 audits globally.

Customer reviews

Reviews

There are no reviews yet.

Be the first to review “Information Classification and Handling Policy Template”

You may also like…

Scroll to Top