Assets management information
“Assets management information ,no matter their nature, how they are initially produced, tangibles or electronic, represents the principal resource for organizations ,besides financial soundness.
This practices if formally known as Information Security Management, and set the business process (risk analysis ,strategic value of assets) that’s try to address the confidentiality ,integrity and promote the availability of data. It’s based on the standard ISO/IEC 27001 Information Security Management Systems and define the information asset as “”Something that organization considered hold value ,and must be protected””.
Classification Scheme. The step process for managing information classification:
Analysis: Review and analysis the risk identifying the exposure factor (EF) related to environment context and systems and process.
Evaluation: Evaluate all assets according to access level, protection and availability.
Handling Based on recommendation about the exposure, level of risk must proceed to stored.
Information labelling: The labeling process will be carried out based on its resulting classification and will obey the type and manner in which it is found. However, D&A will give the recommendations that apply for optimal management of information assets.”