Data Classification Policy

This document outlines Iowa State University's draft Data Classification Policy, which provides a method to categorize information collected, stored, and managed by the university based on the impact of unauthorized exposure. The policy applies to all persons and entities with access to university data used for research, teaching, outreach, or business functions. It requires data stewards to classify data and ensure it is protected according to classification standards and minimum security guidelines, informing the Data Governance Committee if needed.

Uploaded by

muzaffar30

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

596 views

Data Classification Policy

Uploaded by

muzaffar30

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 1

Data Classification Policy Draft

Effective: to be determined
Updated/Revised: under review
Contact: Office of the CIO

Introduction
The Iowa State University Data Classification Policy provides the university with a
method to categorize the information collected, stored, and managed by the university
community. Using the data classification method will improve the ability of the
university community to properly manage access to university information in
compliance with federal and state laws and regulations, and other university policy
requirements.

Scope
This policy applies to:

All persons or entities that have access to Iowa State University data
Electronic and physical data utilized by the university community for the purpose
of carrying out the institutional mission of research, teaching, outreach, and data
used in the execution of required business functions, limited by any overriding
contractual or statutory regulations

Iowa State University data stored on university or non-university resources must be

verifiably protected according to the Minimum Security Standards and Guidance.

Policy Statement
Data stewards shall classify information according to the impact resulting from
unauthorized exposure as per the standards defined in the Data Classification Standards
and Guidance. Data stewards may refer classification decisions to the Data Governance
Committee.
Data custodians and data users shall inform data stewards of any data that requires
classification.
Data stewards, data custodians, and data users shall ensure data is protected
according to the classification assigned as prescribed in the Minimum Security
Standards and Guidance.
The Data Governance Committee shall render the final decision on classification in
cases of indecision or when a data steward cannot be identified.

Data Classification Template
75% (4)
Data Classification Template
5 pages
Adsic ND 133684 en PDF
No ratings yet
Adsic ND 133684 en PDF
378 pages
Sample Data Classification Policy
No ratings yet
Sample Data Classification Policy
4 pages
Data Classification & Sensitivity Label Taxonomy
No ratings yet
Data Classification & Sensitivity Label Taxonomy
15 pages
Data Capability Assessment Form 2018
100% (2)
Data Capability Assessment Form 2018
10 pages
Data Management Policy
0% (1)
Data Management Policy
29 pages
PSPF Maturity Assessment Template and Calculator 0
No ratings yet
PSPF Maturity Assessment Template and Calculator 0
57 pages
Access Control Policy
100% (1)
Access Control Policy
8 pages
IT Governance and Strategy: It Audit Checklist Series
No ratings yet
IT Governance and Strategy: It Audit Checklist Series
27 pages
Essential - 8 - Scorecard - Overview - Cyber Maturity Posture
0% (1)
Essential - 8 - Scorecard - Overview - Cyber Maturity Posture
2 pages
IT Security Incident Reporting Standard
100% (1)
IT Security Incident Reporting Standard
4 pages
Data Classification Policy
100% (1)
Data Classification Policy
6 pages
Data Classification Policy
No ratings yet
Data Classification Policy
9 pages
ATTCH 12 11 15 Data Governance Policy DRAFT 11 17 15
No ratings yet
ATTCH 12 11 15 Data Governance Policy DRAFT 11 17 15
11 pages
Information Security Classification Policy: 1. Strategic Plan Theme and Compliance Obligation Supported 2. Purpose
No ratings yet
Information Security Classification Policy: 1. Strategic Plan Theme and Compliance Obligation Supported 2. Purpose
3 pages
Data Clacification Kit
100% (1)
Data Clacification Kit
24 pages
Data Classification Policy Template
100% (1)
Data Classification Policy Template
11 pages
IT Risks in Banks
No ratings yet
IT Risks in Banks
24 pages
Data Classification Policy Sample
No ratings yet
Data Classification Policy Sample
5 pages
Information Security Policy
No ratings yet
Information Security Policy
12 pages
Data Access Policy
No ratings yet
Data Access Policy
3 pages
Guide To Data Governance Part2 People and Process Whitepaper
No ratings yet
Guide To Data Governance Part2 People and Process Whitepaper
28 pages
Data Classification
No ratings yet
Data Classification
4 pages
Data Classification
100% (3)
Data Classification
14 pages
Auditing in CIS Environment DISCUSSION 13
No ratings yet
Auditing in CIS Environment DISCUSSION 13
7 pages
The Capability Maturity Model
No ratings yet
The Capability Maturity Model
3 pages
Data Management Policy Template For CIS Control 3
No ratings yet
Data Management Policy Template For CIS Control 3
18 pages
It Services Terms and Conditions
No ratings yet
It Services Terms and Conditions
8 pages
Nist CSF
No ratings yet
Nist CSF
7 pages
Data and Information Governance Maturity Questionnaire
No ratings yet
Data and Information Governance Maturity Questionnaire
3 pages
IT Governance
No ratings yet
IT Governance
2 pages
Global Services
No ratings yet
Global Services
15 pages
Data Governance Your Number One Priority
No ratings yet
Data Governance Your Number One Priority
15 pages
Data Classification
No ratings yet
Data Classification
9 pages
Computing Policy
No ratings yet
Computing Policy
12 pages
Role of Data Governance
No ratings yet
Role of Data Governance
12 pages
Project Plan For Implementation of The Information Security Management System
No ratings yet
Project Plan For Implementation of The Information Security Management System
4 pages
Best Practices of IT Organization Design en
No ratings yet
Best Practices of IT Organization Design en
35 pages
5 Steps For Better Risk Assessments Ebook LogicManager
No ratings yet
5 Steps For Better Risk Assessments Ebook LogicManager
15 pages
Role Profile: (Name) Draft
No ratings yet
Role Profile: (Name) Draft
3 pages
Computer & Network Procedures To Manage IT Systems
No ratings yet
Computer & Network Procedures To Manage IT Systems
4 pages
IT Security Policy
No ratings yet
IT Security Policy
12 pages
Data Sharing Policy
No ratings yet
Data Sharing Policy
4 pages
It Governance Guide v1.2
100% (1)
It Governance Guide v1.2
15 pages
Fds Data Governance Playbook
100% (1)
Fds Data Governance Playbook
14 pages
Data Classification: Secure Cloud Adoption
No ratings yet
Data Classification: Secure Cloud Adoption
18 pages
Information Security in Healthcare System - 26.12.14 - 10
No ratings yet
Information Security in Healthcare System - 26.12.14 - 10
12 pages
DQT Project Charter - Final
No ratings yet
DQT Project Charter - Final
13 pages
PDPL Checklist
No ratings yet
PDPL Checklist
4 pages
Data Quality Procedure
No ratings yet
Data Quality Procedure
8 pages
Data Encryption Policy
100% (2)
Data Encryption Policy
5 pages
Data Protection Impact Assessment Procedure Template
No ratings yet
Data Protection Impact Assessment Procedure Template
5 pages
Secure Development Policy
No ratings yet
Secure Development Policy
7 pages
Information Security Policy
No ratings yet
Information Security Policy
19 pages
Hipaa Compliance Management Program (HCMP) : Infosight'S HCMP Includes
No ratings yet
Hipaa Compliance Management Program (HCMP) : Infosight'S HCMP Includes
2 pages
Cyber Security Policy
No ratings yet
Cyber Security Policy
8 pages
Modified IPR Policy
No ratings yet
Modified IPR Policy
30 pages
Policy Document IT Access Policy: (Date)
No ratings yet
Policy Document IT Access Policy: (Date)
10 pages
Systems Audit Policy Template
No ratings yet
Systems Audit Policy Template
2 pages
Governance Complete Self-Assessment Guide
From Everand
Governance Complete Self-Assessment Guide
Gerardus Blokdyk
No ratings yet
ISO 38500 Complete Self-Assessment Guide
From Everand
ISO 38500 Complete Self-Assessment Guide
Gerardus Blokdyk
2/5 (1)
Brandon Taylor: Skills
100% (1)
Brandon Taylor: Skills
2 pages
Issue Register
No ratings yet
Issue Register
2 pages
Aron Aron Smith Smith: Head of Marketing
No ratings yet
Aron Aron Smith Smith: Head of Marketing
2 pages
Robert Smith: IT Manager/Network Administrator
No ratings yet
Robert Smith: IT Manager/Network Administrator
2 pages
Disaster Recovery Planning: White Paper WP027005EN
No ratings yet
Disaster Recovery Planning: White Paper WP027005EN
2 pages
Daily Log: Project: Project Sponsor: Project Manager: Start Date: Expected Completion Date
No ratings yet
Daily Log: Project: Project Sponsor: Project Manager: Start Date: Expected Completion Date
1 page
JD For IT Quality and Technical Support Specialist
No ratings yet
JD For IT Quality and Technical Support Specialist
1 page
SW Vendor Evaluation Matrix Template
No ratings yet
SW Vendor Evaluation Matrix Template
4 pages
IT Glossary of Terms
No ratings yet
IT Glossary of Terms
7 pages
ITS Diversity Statement
No ratings yet
ITS Diversity Statement
1 page
Informati On Technolo Gy Cyber Security Policy: Sample Template
No ratings yet
Informati On Technolo Gy Cyber Security Policy: Sample Template
12 pages
2T02 Infrastructure Planning Checklist v4-0
No ratings yet
2T02 Infrastructure Planning Checklist v4-0
4 pages
Assets and Disposal Policy
No ratings yet
Assets and Disposal Policy
5 pages

Data Classification Policy

Uploaded by

Data Classification Policy

Uploaded by

Data Classification Policy Draft

Iowa State University data stored on university or non-university resources must be

You might also like