Information security

INF009

Overview of security classifications

A security classification specifies how people must protect the information and equipment they handle.

Security classifications can be divided into two types of information:

  • policy and privacy information
  • national security information.

Policy and privacy information

The classifications for material that should be protected because of public interest or personal privacy are:

  • IN CONFIDENCE
  • SENSITIVE.

Security classifications for policy and privacy information has more details.

National security information

The classifications for material that should be protected because of national security are:

  • RESTRICTED
  • CONFIDENTIAL
  • SECRET
  • TOP SECRET.

Security classifications for national security information has more details.

Unclassified information

Official information that doesn’t need a security classification is called ‘unclassified’ information. Most official information fits this category.
UNCLASSIFIED isn’t a security classification, but it is used as a protective marking because it shows that the impact from unauthorised disclosure or misuse has been assessed.

Your organisation should have policy on how you will mark, protect, and handle information that needs increased protection but doesn’t qualify for a security classification.


 

Page last modified: 5/08/2019