Data Classification Standard Policy

Subscriber Content
Screenshot of the first page of Data Classification Standard Policy

Companies must understand the importance of information to their business, and how that information is classified reflects their commitment as a secure organization. This sample policy can be used by auditors to ensure that all of the organization’s classified information is properly identified and marked.

Sample procedures include: All data must be retained and disposed of in accordance with the company’s corporate data retention policy, all media containing cardholder data must be accurately tracked, management must approve all media being transported off-site, and all media must be sent by secured courier or other delivery methods that can be accurately tracked.


Topics
Sarbanes-Oxley Act
Document Retention
IT Controls
Data Security
IT Security
Privacy
IT Audit

Related Resources

Checklists & Questionnaires

Privacy and Data Protection Questionnaire

Process Flows

Determining Data Requirements Process Flow

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It