Info Classification + Handling Guide

A key output of the Information Security Framework programme is the Cardiff University Information Handling Guidelines. These guidelines provide staff with a clear framework for how they should handle and protect information and where it’s okay to store different types of information. The intention is that following a period of University-wide consultation, the guidelines held within these pages will become policy. A pdf version of the guidelines and associated policy can also be downloaded here: ISFInfoClassfnHndlngPolicyv2 or here in Welsh: ISFInfoClassfnHndlngPolicyv2Welsh

Modular versions of the handling guidelines can be accessed via the left hand menu.

Information Classification:

General advice:

Always aim to keep Classified Information (C1 and C2) within the University’s secure environment.
Where this is not possible consider whether the information can be redacted or anonymised to remove confidential or highly confidential information, thereby converting it to Non-Classified Information (NC).
Report any potential loss or unauthorised disclosure of Classified Information to the IT Service Desk on 74487
Seek advice on secure disposal of equipment containing Classified Information via the IT Service Desk on 74487
Use the Confidential Waste Service for disposal of paper and small electronic media Handling@cardiff.ac.uk