Information technology. Governance of data. Guidelines for data classification
Last updated: 18 Jul 2024
Development Stage
Pre-draft
Draft
Published
Abstract
This document complements the existing International Standards on IT governance (ISO/IEC 38500) and data governance (ISO/IEC 38505-1). It is designed to provide practical guidance for organizations including governing bodies and management to allow them to:
ā maintain an oversight of their data portfolio,
ā understand the business context, value, sensitivity and risk associated with the data, and
ā apply mechanisms that are both proportionate and appropriate, ensuring that data is protected, and is only used for intended purposes consistent with the organizationās obligations. Ā© ISO/IEC 2022 All rights reserved
Scope
This document provides essential guidance for members of governing bodies of organizations and management on the use of data classification as a means to support the organizationās overall data governance policy and associated systems. It sets out important factors to be considered in developing and deploying a data classification system. Ā© ISO/IEC 2022 All rights reserved
External Links
Let the community know
Categorisation
Key Information
Referenced standards: ISO/IEC 38500:2015, ISO/IEC 19944-2, ISO/IEC 22123-1, ISO/IEC TS 38501, ISO/IEC 20944-1:2013, ISO/IEC 20889, ISO/IEC 19944-1:2020, ISO/IEC 38505-1:2017, ISO/IEC 20546:2019, ISO/IEC 38507, ISO/IEC 23751, ISO/IEC TR 38505-2,, ISO/TR 14872:2019, ISO/IEC 29100:2011, ISO/IEC 22624, ISO/IEC 29100:2011/Amd 1:2018, ISO 10667-1:2020
AI Standards Hub