ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS), published in 2005 and revised in 2013.
Information classification is a key part of any ISO 27001 project.
Control objective A8.2 is titled ‘Information Classification’ and instructs that organisations “ensure that information receives an appropriate level of protection”.
Typical data classification includes 4 levels, for example:
The content creator is the best person to determine the classification of documents and emails. Doing the classification at the time of creation, using a tool that guides them through the process and ensures that they don't forget to apply a classification.
360 Protective Marking enables users to classify their documents and emails when they are writing them. When a user saves or prints a document or sends an email they are prompted to select a classification which applies metadata and visual labelling to the document or email.
The classification options can be tailored to your organisation needs and can include retention periods alongside standard classification which can be used by a records and document management system.
Free Trial
360 Systems offer a free trial of this software. If you'd like to review its fit within your organisation then please get in contact.
See our new website dedicated to email and document classification.