Control objective: to achieve and maintain appropriate protection of organizational assets.
[1]
All information assets are clearly identified, and an inventory of all important assets has been drawn up and is maintained in line with the requirements of DOC 7.1
All assets associated with the information systems or services are ‘owned’ by a designated individual or part of the Organisation, and details of the Owner are identified on the asset inventory in line with DOC 7.1.
Rules for the acceptable use of information and assets associated with information processing facilities have been identified, documented and implemented.
Control objective: to ensure that information receives an appropriate level of protection
Information has been classified in terms of value, legal requirements, sensitivity and criticality to the Organisation
An appropriate set of procedures for information labelling and handling has been developed in accordance with the classification scheme adopted by the Organisation and this is set out in DOC 7.6
Adlin Hisyamuddin
Information Security Manager
____________________________
On:
08 November, 2007
____________________________
Change history
Issue 1 08 November, 2007 Initial issue
Links:
[1] https://www.digi-sign.com/downloads/download.php?id=digi-cast-pdf
[2] https://www.digi-sign.com/service