Policy 140101 Defining Information
POLICY STATEMENT
“The organization must record, maintain and update a data base of its information assets.”

Policy 140102 Labeling Classified Information
POLICY STATEMENT
“All information, data and documents are to be clearly labeled so that all users are aware of the ownership and classification of the information.”

Policy 140103 Storing and Handling Classified Information
POLICY STATEMENT
“All information, data and documents must be processed and stored strictly in accordance with the classification levels assigned to that information.”

Policy 140104 Isolating Top Secret Information
POLICY STATEMENT
“All information, data or documents Classified as highly sensitive (Top Secret) must be stored in a separate secure area.”

Policy 140105 Classifying Information
POLICY STATEMENT
“All information, data and documents must be classified according to their level of confidentiality, sensitivity, value and criticality.”

Policy 140106 Accepting Ownership for Classified Information
POLICY STATEMENT
“All information, data and documents are to be the responsibility of a designated information owner or custodian.”

Policy 140107 Managing Network Security
POLICY STATEMENT
“Access to the resources available from the organization’s network must be strictly controlled in accordance with the agreed Access Control List, which must be maintained and updated regularly.”

Top