This policy addresses how <COMPANY NAME> manages information assets that employees utilize in the office and at remote locations.

Purpose

This policy aims to define individual responsibilities for information asset safeguarding and provide a standard classification system that is followed by all staff and users, ensuring that information assets are protected and sensitive information assets are classified in accordance with <Company Name> requirements.

Format: MS WORD

Description:

• This Procedure applies to all documents in the Information Security Management System (ISMS) and IT service management system that is created, distributed, and retained for information and action (ITSM).

• This policy applies to all employees and users of Company Name>.

GDPR Template Includes the Following :

1. Introduction 
2. Purpose 
3. Objectives of This Policy 
4. Scope 
5. Classification of Information Assets 
6. Roles and Responsibilities 
6.1 Data owner 
6.2 Data custodians 
6.3 Data user 
7. Information Labelling 
8. Classification Sensitivity Criteria – Information Asset 
9. Electronic Protected Health Information (ePHI) 
10. Payment Card Information (PCI) 
11. Classification Guidelines 
12. Information Handling Guidelines 
13. Record Management