Information Security Framework Info Classification + Handling

Info Classification + Handling

A key output of the Information Security Framework programme is the Cardiff University Information Handling Procedures. These guidelines provide a clear framework for how to handle and protect information and where it’s okay to store different types of information. The intention is that following a period of University-wide consultation, the guidelines held within these pages will become policy. A pdf version of the guidelines and associated policy can also be downloaded here: ISFInfoClassfnHndlngPolicyv2 or here in Welsh: ISFInfoClassfnHndlngPolicyv2Welsh
Modular versions of the handling guidelines can be accessed via the left hand menu.

Information Classification:

classification

General advice:

  • Always aim to keep Classified Information (C1 and C2) within the University’s secure environment.
  • Where this is not possible consider whether the information can be redacted or anonymised to remove confidential or highly confidential information, thereby converting it to Non-Classified Information (NC).
  • Report any potential loss or unauthorised disclosure of Classified Information to the IT Service Desk on 74487
  • Seek advice on secure disposal of equipment containing Classified Information via the IT Service Desk on 74487
  • Use the Confidential Waste Service for disposal of paper and small electronic media Handling@cardiff.ac.uk

Follow us on Twitter @CU_InfoSec