5-page generic information security policy on the classification of information.
Classification of information (i.e. assigning it to classes or levels according to the nature and severity of the associated information risks) is a convenient and cost-effective way of determining the types of information security controls that are most likely to be appropriate in order to protect them.
This policy lays out the classification criteria and corresponding controls that are typically required.
Delivered as an editable MS Word document, easily customized for your organization's specific needs.
Information classification policy
Template policy on information classification
See also the security policies on:
The license covers internal use within a single organisation. Please get in touch if you'd like to incorporate the SecAware content in your systems or services provided to third parties.