U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Why Classify?

NCJ Number
115932
Journal
Security Management Volume: 33 Issue: 2 Dated: (February 1989) Pages: 67-70
Author(s)
J A Schweitzer
Date Published
1989
Length
4 pages
Annotation
Businesses need to classify company information correctly to ensure security and maintain quality information for business purposes.
Abstract
Nevertheless, many companies do not adequately protect their business information. Information losses can be considered from four viewpoints: 1) the circumstances of the loss or exposure; 2) the individuals who stole, destroyed, or observed the information; 3) the mental, written, or electronic medium involved in the loss or exposure; and 4) the value of the exposure. To manage information properly, companies should develop information policies that have the visible support of top management and that cover all the permanent requirements of information management. They should classify and protect the truly critical pieces of information. In most businesses, only 10 percent of the information should be classified, with only 1 percent at the highest classification level. The classification should represent business requirements for information security and availability and should also meet legal requirements. The security program should also include training and supervision of employees and establishment of controls and separation of duties as appropriate to the information's value.

Downloads

No download available

Availability