Establish and maintain a classification methodology for captured records.

UCF ID: 00911
Control Type: Establish/Maintain Documentation
Status: Live

Supporting and supported controls

This control directly supports:

    Establish and maintain procedures for managing the records of each system. [UCF Control ID 00903]

This control has the following supporting controls:

Authority documents complied with:

Design Criteria Standard for Electronic Records Management Software Application, DOD 5015.2, June 19, 2002, § C2.2.3.1; ISO/IEC 17799 Code of Practice for Information Security Management, 2005, § 15.1.3; ISO/IEC 27002 Code of practice for information security management, 2005, § 15.1.3

US Federal Security Guidance

DOD Design Criteria are primarily concerned with the performance of an organization’s records management system. The document requires that systems provide the capability to capture, register and index electronic records. [§ C2.2.3.1, Design Criteria Standard for Electronic Records Management Software Application, DOD 5015.2, June 19, 2002]

ISO Guidance

All records should be categorized into record types and have the retention periods and type of storage media needed assigned. [§ 15.1.3, ISO/IEC 17799 Code of Practice for Information Security Management, 2005]

All records should be categorized into record types and have the retention periods and type of storage media needed assigned. [§ 15.1.3, ISO/IEC 27002 Code of practice for information security management, 2005]

Metrics

The metrics associated with this control are as follows:

    Report on the percentage of information assets that have been reviewed and classified. [UCF Control ID 02053]

Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.


Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.