I recently needed a convenient method of introducing a very mixed audience (comprised of ladies and gentlemen from Finance, Legal, HR, Audit and several business lines) to the subject of information classification – information security classification, to be precise.
While all of them are certainly experts in their specific area, only few of them were ready to contribute to reviewing and discussing proposals for an organization-wide security classification standard for the organization – but that is exactly what the group has been mandated to do. Preparing an introduction document, I Googled for an overview I could use, but for some reason not much showed up that I deemed practicable enough. I needed something simple, yet detailed enough. Most of the documents were written for technical people, and aimed at IT security folks specifically. Not even the Wikipedia article covered what I though should be said when introducing non IT people to information classification. After a while, I decided to write my own short introduction. Since I am working for the UN, it is rather UN focussed, however, the document itself is an unclassified/public document – so I have posted it here as well, for public or private use for whoever is interested (you may use it or parts of it as long as the source is referenced. Thank you.)
A Brief Introduction for UN Folks on Information Security Classification – 1.0
RealLifeISM 
Posted on March 26, 2012 by Heiko Herrmann
0