Organizations qualify their data based on various factors and not all data holds the same value. Depending on the user and their designated role, the data will have greater or less value. Information such as formulas or product development are of high value, and having that data compromised in any way could be catastrophic for an enterprise. Thus, the data has a much higher classification.
Classifying information is intended to support system integrity, confidentiality and restricted access to preserve value and minimize risk. It also rates an organization’s information assets. Each level of classification should carry specific requirements and procedures. Two common examples of a classification system are:
- Military information classification, and
- Commercial information classification.
Both models have introduced terminology for qualifying information.