Classification (supported by vIC)
Classification is about to value information assets from the aspect of information security. These aspects are generally three: CIA (Confidentiality, Integrity and Availability). This means that an information asset must at least be classified with a value for each of the aspects.
The primary purpose of information classification is to manage information security in an efficient manner in accordance with ISO / IEC 27001 and ISO / IEC 27002. It should be said that both standards are vague on this subject and practical advice can be provided by Veriscan.
Veriscan’s, methods and tools for information classification gives the customer a classification which is in line with the organization's current requirements and enables control of information security in the long term by linking information classification with protection and risk.
Veriscan provides information classification that includes:
- Methods, norm scale, models, security policies etc.
- Connection to risk processes