Professional Documents
Culture Documents
ACPL-ISMS-C5.12 (Classification of Information Policy)
ACPL-ISMS-C5.12 (Classification of Information Policy)
Document ID ACPL-ISMS-C5.12
Document Classification Internal
Issue Date (effective from) 01.12.2023
Version No 1.0
Latest Review Date 01.12.2023
1. Control statement:
Information should be classified according to the information security needs of the organization based
on confidentiality, integrity, availability and relevant interested party requirements
2. Purpose:
To ensure identification and understanding of protection needs of information in accordance with its
importance to the organization.
3. Scope:
This policy is applicable to information and other associated assets and communication to all the
interested parties.
4. Procedure:
(1) While deciding the classification of the information, confidentiality, integrity and availability
have been taken into consideration.
(2) Results of classification should be updated in accordance with changes of the value, sensitivity
and criticality of information through their life cycle.
(3) The scheme should be consistent across the whole organization and included in its procedures
so that everyone classifies information and applicable other associated assets in the same way.
(4) when the information has been made public, it no longer has confidentiality requirements but
can still require protection for its integrity and availability properties.
5. Information Classification
Doc ID: ACPL-ISMS-C5.12 Version 1.0 Last Rev. Date: 01.12.2023 Page 2 of 3
This document is confidential and must not be shared or copied without written permission from
Aethereus Consulting. Please return or destroy upon request.
Classification of information Policy
Restricted data includes data that, if compromised or accessed without authorization, could lead to
criminal charges and massive legal fines or cause irreparable damage to the company.
Examples of restricted data might include proprietary information or research and data protected by
Government regulations.
5.2 CONFIDENTIAL
This type of data is strictly accessible to internal company personnel or internal employees who are
granted access.
Departmental memos, information on internal bulletin boards, training materials, policies, operating
procedures, work instructions, guidelines, phone and email directories, marketing or promotional
information (prior to authorized release), investment options. Transaction data, productivity reports,
disciplinary reports, contracts/proposals, Service Level Agreements, internal vacancy notices, intranet Web
pages, blue prints/ proof of concept.
6. References
1. Information Asset register
7. Revision History
Doc ID: ACPL-ISMS-C5.12 Version 1.0 Last Rev. Date: 01.12.2023 Page 3 of 3
This document is confidential and must not be shared or copied without written permission from
Aethereus Consulting. Please return or destroy upon request.