Chapter 3. Day 3 – Asset Security - Information and Asset Classification

Information security is the preservation of confidentiality and integrity and the availability of assets. Assets have intrinsic value to the business and are classified into various types. The type of asset and its value are used to determine the required level of security assurance.

This chapter provides an overview of asset security. The concepts and techniques that pertain to information assets are covered in detail throughout this chapter. Data security concepts and controls are also covered in detail using suitable illustration and examples.

This chapter covers the following:

• Overview of asset security
• Overview of information and asset classification
• Asset ownership
• Classification types in government
• Classification types in corporations
• Overview of data privacy
• Overview of data retention strategies