Figure 1.
A low granularity approach to information classification, the record highlighted in red – Adapted from (Bergström et al., 2021) based on ISO/IEC 27002 Refer to the image caption for details.The flowchart presents an information classification process divided into five numbered sections. Section 1 is Business process or system analysis. It includes Identify next asset in business process or system application, a List of all business processes or systems applications, and a decision diamond marked X with branches Found and Not found. Section 2 is Requirements. It includes Identify external requirements affecting the asset linked to a List of all external requirements, and Identify internal requirements affecting the asset linked to a List of all internal requirements. Section 3 is Classification of information. Three parallel boxes read Confidentiality check, Integrity check, and Availability check, each producing a corresponding classification result. Section 4 is Labelling. It includes Analyse labelling of the information and archive the result linked to a Database of all classified assets, followed by a decision diamond marked X and a box labelled Label the asset. Section 5 is Selection of final business process system classification. It includes Read classification results from all classified assets, Select highest classification results from confidentiality integrity and availability, and Information classification done.

A low granularity approach to information classification, the record highlighted in red – Adapted from (Bergström et al., 2021) based on ISO/IEC 27002

This Feature Is Available To Subscribers Only

or Create an Account

Close Modal
Close Modal