Information security
-
New Zealand Government Security Classification System
- Protecting official information from unauthorised access and accidental disclosure
- Overview of security classifications
- Security classifications for policy and privacy information
- Security classifications for national security information
- Identifying national security information
- Security classifications for Cabinet documents
- Security classifications for information from foreign governments
- Endorsement and compartmented markings
- Guidelines for protective markings
-
Handling requirements for protectively-marked information and equipment
- Applying protective markings to official information
- Controlling and handling official information with protective markings
- Reproducing protectively-marked information
- Removing protected material from your premises
- Transferring or transporting protectively-marked information
- Destroying protectively-marked information securely
- Quick guides to handling protectively-marked information and assets
INF009
Overview of security classifications
A security classification specifies how people must protect the information and equipment they handle.
Security classifications can be divided into two types of information:
- policy and privacy information
- national security information.
Policy and privacy information
The classifications for material that should be protected because of public interest or personal privacy are:
- IN CONFIDENCE
- SENSITIVE.
Security classifications for policy and privacy information has more details.
National security information
The classifications for material that should be protected because of national security are:
- RESTRICTED
- CONFIDENTIAL
- SECRET
- TOP SECRET.
Security classifications for national security information has more details.
Unclassified information
Official information that doesn’t need a security classification is called ‘unclassified’ information. Most official information fits this category.
UNCLASSIFIED isn’t a security classification, but it is used as a protective marking because it shows that the impact from unauthorised disclosure or misuse has been assessed.
Your organisation should have policy on how you will mark, protect, and handle information that needs increased protection but doesn’t qualify for a security classification.
Page last modified: 5/08/2019