Data Classification Policy

The Data Classification Policy sets guidelines for how the company deals with different types of data.  Data is classified into five categories, with standards set for each on the storage, transmission, and destruction of the information.

The Data Classification's purpose is to determine what data is of value to the company, what data is confidential, and what data is expendable.  This is an important step so that the company can then specify how certain classes of data must be treated and secured.  This policy is closely linked to the Confidential Data Policy.

A Data Classification Policy developed with the EZSecurityPolicy.com application will include the following detailed sections:

1. Overview
2. Purpose
3. Scope
4. Policy
    4.1. Data Classification
    4.2. Data Storage
        4.2.1. Personal
        4.2.2. Public
        4.2.3. Operational
        4.2.4. Critical
        4.2.5. Confidential
    4.3. Data Transmission
        4.3.1. Personal
        4.3.2. Public
        4.3.3. Operational
        4.3.4. Critical
        4.3.5. Confidential
    4.4. Data Destruction
        4.4.1. Personal
        4.4.2. Public
        4.4.3. Operational
        4.4.4. Critical
        4.4.5. Confidential
    4.5. Applicability of Other Policies
5. Enforcement
6. Definitions
7. Revision History

Available in the Gold Package only, this is a policy that is intended to be used by technical staff and management as well as distributed to end users.

Your custom Data Classification Policy will be delivered immediately upon completion the wizard via email, as both a PDF and an RTF file.  RTF files are editable in all major word processing programs, including Microsoft Word.

Our security policies were written based on a cohesive and integrated approach using security best practices stemming from the C-I-A triad of confidentiality, integrity, and availability.  This approach aligns with both real-world and industry standard-based objectives, resulting in an invaluable resource for your security policy management.  A data classification policy developed with the EZSecurityPolicy.com wizard will provide the foundation for a realistic, practical implementation of your IT security policy program.

Please contact us if you have any questions about this policy.

EZSecurityPolicy.com has delivered thousands of IT Security Policies to companies from 5 to 50,000 employees.  The management of EZSecurityPolicy.com has over 20 years of successful experience in the field of information security.