Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Classification level IV (RESTRICTED)
1. Disposal of Classified Information in non-electronic format has to be organized in a reliable manner. When disposing, such procedures are used which prevent reconstruction of the pieces of information in whole or in part. For the information in electronic format see I-21.
Classification level III (CONFIDENTIAL): in addition to point 1 above
2. When international information belonging to the classification level CONFIDENTIAL is
concerned, a disposal certificate has to be signed by the person disposing the information.
This certificate will be saved at the registry. Registered information has to be updated
correspondingly. The registry has to save certificates of disposal for at least five years
(compare to F-08.3).
Classification level II (SECRET): in addition to points 1 and 2 above
3. In case the originator of the information is another authority, it has to be informed about the disposal of the now unnecessary information, unless the information was returned to the originating authority.
4. Only a person nominated for the task by an authority may dispose information. The drafter may dispose draft versions.
5. International information belonging to the classification level SECRET has to be disposed in the presence of a witness. The person witnessing the disposal has to be security cleared at least to the classification level of the information being disposed.
Classification level IV (RESTRICTED)
1. Disposal of Classified Information in non-electronic format has to be organized in a reliable manner. When disposing, such procedures are used which prevent reconstruction of the pieces of information in whole or in part. For the information in electronic format see I-21.
Classification level III (CONFIDENTIAL): in addition to point 1 above
2. When international information belonging to the classification level CONFIDENTIAL is
concerned, a disposal certificate has to be signed by the person disposing the information.
This certificate will be saved at the registry. Registered information has to be updated
correspondingly. The registry has to save certificates of disposal for at least five years
(compare to F-08.3).
Classification level II (SECRET): in addition to points 1 and 2 above
3. In case the originator of the information is another authority, it has to be informed about the disposal of the now unnecessary information, unless the information was returned to the originating authority.
4. Only a person nominated for the task by an authority may dispose information. The drafter may dispose draft versions.
5. International information belonging to the classification level SECRET has to be disposed in the presence of a witness. The person witnessing the disposal has to be security cleared at least to the classification level of the information being disposed.
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
