ITProSec Data Classification and Control Process

The objective of the ITPROSEC Data Classification and Control Process is to protect the information assets of the ITPROSEC by ensuring the confidentiality, integrity and availability of the assets. Information has many forms including conversations, speeches, printed documents, handwritten notes, information stored on computer systems in electronic form, video and audio tapes, etc. Information assets range from routine communications in an electronic mail message to the ITPROSEC’s most important information assets stored and located in our system. Information can be exchanged in an elevator, hallway, over a phone, via e-mail or through a written document. It is important to protect all ITPROSEC information assets in every form and in every place it is transmitted or stored.

Document Control

Version Author Date Description

Document Review

Version Name Date Description

Document Approval

Version Name Title Date Signature
         

Document Note

Version Note
1. This addresses a critical step in preventing the loss of sensitive information for the ITPROSEC and supports Information Security Policy’s recommendation towards our Data Classification and Control posture.The Information Security Classification (ISC) is ITPROSEC’s enterprise-wide framework that has been adopted, to be enforced/adhered to with the information data classification and control in place prior to sharing outside of your branch or the ITPROSEC.Applying appropriate ISC safeguards will reduce the risk of an information disclosure and breach.

Table of Contents

Document Control 1

Document Review.. 1

Document Approval 1

Document Note. 1

1.         Introduction. 4

2.         Scope. 4

3.         Security Concept 4

4.         Classification Levels. 5

5.         Steps for Classifying Information. 6

5.1 Information Classification Practice. 6

6.         Protection Measures. 7

6.1     Labeling Protection Measures. 8

6.2 Storage Protection Measures. 9

6.3 Distribution Protection Measures. 10

6.4 Transmission Protection Measures. 11

6.5. Receiving Information Protection Measure. 12

6.6 Disposal / Storage Media Reuse Protection Measures. 13

6.7 Uses Away From ITPROSEC Premises. 13

6.8     Access Protection Measures. 14

8.         Data Control and Responsibilities. 15

9.         Resources for Assistance. 17

Appendix A –Terms and Definitions. 18

Appendix B –Protection Measures Summary. 20

Appendix C –Information Classification Examples. 22

APPENDIX D- Roles and Responsibilities. 23

APPENDIX E- Resources for Assistance. 24

  1. Introduction

This document contains the IT Professional Security (ITPROSEC) data classification levels, steps for classifying information, and protection measures required for Classified Information.

The objective of the ITPROSEC Data Classification and Control Process is to protect the information assets of the ITPROSEC by ensuring the confidentiality, integrity and availability of the assets. Information has many forms including conversations, speeches, printed documents, handwritten notes, information stored on computer systems in electronic form, video and audio tapes, etc. Information assets range from routine communications in an electronic mail message to the ITPROSEC’s most important information assets stored and located in our system. Information can be exchanged in an elevator, hallway, over a phone, via e-mail or through a written document. It is important to protect all ITPROSEC information assets in every form and in every place it is transmitted or stored.

This document will be continuously updated along with Information Security Office and capabilities establishment. For further information or questions, please contact Information Security at [email protected].

The Data Classification and Control outlined in this document apply to the following:

  • All electronic messaging services (Email, text message, voice message, fax)
  • Electronic documents (DOC, XLS, PDF, PPT, TXT, JPG and other formats etc.)
  • Database files storage systems and Application (SQL, DB, Lotus Notes, OpenText, Case Manager etc.)
  • Removable Media (USB, External Drive, CD, DVD etc.)
  • Hard copy (Letter, Memo, Printed document etc.)
  • Phone voicemails

There are several key security concepts to consider when making information security classification decisions.

  • Confidentiality Protecting information from being accessed, divulged or distributed by people who shouldn’t have access. Keep information private that should be private.
  • IntegrityKeeping information from being modified by people (or computers) without authorization Make sure that the information is accurate so that it can be used to make high quality decisions.
  • Availability Preventing the information from being deleted or destroyed accidentally or intentionally or otherwise made unavailable Make sure that information is there when and where it is needed.

When determining an information classification, these three principles are the basis for deciding the security and access requirements for ITPROSEC information assets.


The Information Security Classification (ISC) is an enterprise-wide framework that has been adopted to provide guidance in protecting ITPROSEC information prior to sharing outside of your branch or the ITPROSEC. Applying the appropriate ISC safeguards will reduce the risk of an information breach. The business owners are responsible to ensure that their information is properly classified and labeled. Accordingly, each individual is responsible for ensuring that information is handled according to the requirements for that classification.

The four different security levels are below:

                                                Table 1: Sensitivity Level

Sensitivity Level Risk Access Protective Safeguards   Description
Unclassified None Public None   Information meant for the public to see (e.g. Public speeches, ITPROSEC Bulletin etc.)
Low Low Internal use only Consult with business owner   Information generally available to employees and approved non-employees (ITPROSEC-All message, ITPROSEC Coffee meeting content)
Medium Medium Select / Approved Group of Employees   Restricted Consult with business owner   Consider using protective safeguards like Follow-You printing or header/footer and sensitivity level Information that is intended to be assessed by a specific group of employees only (a Branch, a Project Team)
High High Select/ Approved Individuals Consult with business owner   Apply header or footer with sensitivity level   Use Follow-You printing   Do not use Inter-Office Mail   Identify sensitivity level in the body or subject of an email Information that is extremely confidential and intended for access by named individuals or position only (e.g. Chair, CIO, HR etc.)

To classify or reclassify information, begin by reviewing the information classification definitions listed in the Classification Levels section. There are also examples of information and their classification levels available for reference in Appendix B (Information Classification Examples). Individual data elements are not expected to be classified. For example, first name and last name are classified as “Personal Information.” However, an email message containing the recipient’s first and last name is not normally assigned this classification. Information in its entirety should be considered for classification and when possible, should be grouped and then assigned a group classification. From the previous example, an email message with the recipient’s first and last name, and an attachment containing an executed contract agreement should be classified as “Low” or “Medium.”

For difficulties or discrepancies in determining the appropriate classification of information, please contact the business owner or Records and Information Management. Refer to the Resources for Assistance section 9 for additional information.

5.1 Information Classification Practice

This section addresses specific classification use cases:

  • Labeling Considerations

The classification label is intended to be an immediate visual reminder of the protection requirements of the information received. The classification label for ITPROSEC information should be immediately visible and conspicuously marked. As required by the Information Security Policy, where continuous labeling is not feasible, the business owner should determine alternative provisions. These provisions may consist of, but are not limited to: meta-data, log-on pages, title pages, cover sheets, transmittal sheets, physical labels, etc.

The effectiveness of labeling procedures is not solely determined by the presence of a classification label, but is reinforced by the proper handling and protection actions demonstrated by the recipient of the information.

ITPROSEC information may be labeled so that the recipient is made aware of any additional handling required for that information. Such labels are not official ITPROSEC classification categories and do not have any associated information protection requirement. Examples of these handling labels include, but are not limited to:

Draft Not Public Yet
Private Limited Use
For Review only Not to Share

5.1.2. Change in Classification

The classification of information may change over time or an “event” can trigger the security classification to change. For example, Low sensitivity while the draft is in progress; while may later release or publish to public or website as unclassified. Another example is financial data is classified as Medium (Restricted) or shall not be disclosed until release. After its release, this same information is unclassified or public.

Consider that as internal policy is being reviewed and re-drafted, it is “Medium” sensitivity. Once the policy has been approved and it is posted to the Intranet, the sensitivity changes to “Low” sensitivity.

If the information’s classification will change at a specific time, label it accordingly. For example:

Low until July 31, 2017                OR                High until 3Q17 Financial Statement

After July 31, 2017,                                          is released to the Public. Public

Unclassified /Public                                           Classification after Release

5.1.3. Mixed Classification

Some documents, files, or Web sites contain data with more than one classification. For example, a document describing the Information Services Architecture might contain general information about future configurations. This information is classified as low. The same document also may have a small section describing the proposed equipment configuration in detail. This small section may be classified as Medium. In this case, there are two options:

1. Classify the entire document or web site as at the highest level of any of the information.

2. Move the more sensitive information into a separate document, standalone appendix, or another separate location. Classify only the separate document at the higher level e.g. Medium.

5.1.4. Third party companies and Services

The ITPROSEC works with many third-party companies such as managed service providers and external professional services. As a result, ITPROSEC classified information may be transferred or processed or stored off-site. While the responsibility for implementing information protection measures may be delegated to these third parties, business owners cannot outsource their accountability to protect ITPROSEC information. The Information Security Policy requires third parties to comply with the Policy.

The responsibility for information classification, handling and protection should not be compromised by the introduction of third party service providers. In some cases, third parties may outsource their activities to yet another branch making it critical that business owners be fully aware how ITPROSEC information will be used and to ensure that appropriate information protection measures are identified in Third party service agreements or Memorandum Of Understanding (MOU).


      Information Data Classification requires implanting practices and protection measure related to:

  • Labeling
  • Storage
  • Distribution
  • Transmission
  • Disposal / Storage Media Reuse
  • Use Away from the ITPROSEC Premises
  • Access

This section identifies the minimal levels of protection required in these areas for ITPROSEC information classified data as Unclassified, Low, Medium and High.

As required by the Information Security Classification (ISC), information owner or department manager are responsible to ensure that their information is properly classified and labeled. The actual labeling procedure may vary depending on the sensitivity in which the information is stored. Table 2 identifies some common labeling methods for various types of information assets.

                                        Table 2: Labeling Protection Measure

Type Unclassified Low Medium High
Electronic Messaging services (Email, Text, chat history etc.) Mark ‘Unclassified’ in the Message Sensitivity setting, or Subject line Mark ‘Low’ in the Message Sensitivity setting, where available, or Subject line Mark ‘Medium’ in the Message Sensitivity setting, where available, or Subject line Mark  ‘High’ in the Message Sensitivity setting, where available, or Subject line  
Electronic Documents Files (e.g. doc, xls, ppt, pdf, txt etc.) Mark ‘Unclassified’ in the header /footer, watermark or document metadata Mark ‘Low’ in the header / footer, watermark or document meta-data   Mark ‘Medium’ in the header / footer, watermark or document meta-data   Mark ‘High’ in the header / footer, watermark or document meta-data  
Databases File storage systems Applications (db, sql, oracle, mysql etc.) Mark ‘Unclassified’ in system / application meta-data, online screen displays and reports Mark ‘Low’ in system / application meta-data, online screen displays and reports   Mark ‘Medium’ in system / application meta-data, online screen displays and reports   Mark ‘High’ in system / application meta-data, online screen displays and reports  
Removable media  (USB, CD/DVD, Ext. Drive, Tape) Mark ‘Unclassified’ on exterior / adhesive label, where feasible Mark ‘Low’ on exterior / adhesive label, where feasible   Mark ‘Medium’ on exterior / adhesive label, where feasible   Mark ‘High’ on exterior / adhesive label, where feasible  
Hard copy (Letter, Memo, Printed document) Mark ‘Unclassified’ on every page Mark ‘Low’ on every page Mark ‘Medium’ on every page Mark ‘High’ on every page
Voicemail Phone Voicemail messages shall begin with a statement regarding “General message, non-sensitive message” Voicemail messages shall begin with a statement regarding confidentiality is low. E.g. “The following message contains “Low’ (internal use) information.” Voicemail messages shall begin with a statement regarding confidentiality level is “Medium” Voicemail not permitted  

6.2 Storage Protection Measures

Depending on the classification, information assets will need different types of storage protection measures to ensure that the confidentiality, integrity, and availability of the information are protected. Table 3 identifies storage protection measures for common information assets across the classification levels.

                                                Table 3: Storage Protection Measure

Type Unclassified Low Medium High
Electronic Messaging services (Email, Text, chat history etc.) Encryption not required Encryption recommended Encryption recommended   Encryption mandatory  
Electronic Documents Files (doc, xls, ppt, pdf, txt etc.) Encryption not required Encryption recommended Encryption recommended Encryption mandatory  
Databases File storage systems Applications (db, sql, oracle, mysql etc.) Encryption not required Encryption Recommended Encryption recommended   Encryption is mandatory for enterprise database systems within ITPROSEC approved secure data center and other approved environments
Removable media (USB, CD/DVD, Ext. drive, Tape etc.) Encryption  device Recommended Encryption  device mandatory Encryption device mandatory   Encryption mandatory  
Mobile device Encryption is not required but don’t leave mobile device unattended Encryption recommended Secured in locked container, cabinet or drawer when not in use   Do not leave unattended Encryption recommended Secured in locked container, cabinet or drawer when not in use   Do not leave unattended Encryption mandatory Secured in locked container, cabinet, drawer, or safe when not in use   Do not leave unattended
Hard copy (Letter, Memo, Printed document) No protection required but proper handling is recommended Secured in locked container, cabinet or drawer when not in use.   No protection required for Internal Employee Secured in locked container, cabinet or drawer when not in use.   Do not leave unattended Secured in locked container, cabinet, drawer, or safe when not in use.   Do not leave unattended
Voicemail Phone Voicemail permitted and shall be erased when no longer needed Voicemail permitted Messages shall be erased when no longer required Voicemail permitted Messages shall be erased when no longer required Voicemail not permitted  

6.3 Distribution Protection Measures

When classified information is shared with individuals, other branches or to those outside of the ITPROSEC who are not aware of the value or sensitivity of an information asset, it is essential to establish the sensitivity level so that protection requirements can be quickly understood, communicated and acted upon. As required by the Information Security Classification, Third parties who work with ITPROSEC shall sign a non-disclosure agreement. Also, if Third Parties require access to the ITPROSEC network, they must sign a network access agreement including Code of Conduct. Table 4 identifies the distribution protection measures for common information assets across the classification levels.

                                                Table 4: Distribution Protection Measures

Type Unclassified Low Medium High
Electronic Document Files (Email, DOC, XLS, PPT, PDF, TXT JPG etc.) Mark as “Unclassified” and makes sure the files are good for distribution to outside of group or ITPROSEC.   No Encryption required Mark as “Low” and makes sure the files are Consult with business owner before distribution to outside of ITPROSEC.   Encryption device should be used for electronic documents and files on removable media External distribution requires Non-disclosure Agreement (NDA) Electronic documents and files on removable media sent outside ITPROSEC in protected envelope or container by bonded courier   Encryption device must be used for electronic documents and files on removable media External distribution requires Non-disclosure Agreement (NDA) or Memorandum Of Understanding (MOU) and Business Owner approval   Electronic documents, files on removable media sent outside ITPROSEC in protected envelope or tamper evident packaging by bonded courier with delivery tracking and recipient signature required, or hand delivered   Encrypted device is mandatory
Databases File storage systems Applications   (SQL, DB, Lotus Notes, Domino etc.) Mark as “Unclassified” and Accessed via ITPROSEC approved Secure Access Connection (SAC) or authorized Third Party Provider only.   Access Protection required according to classification Mark as “Low” and Accessed via ITPROSEC approved Secure Access Connection (SAC) or authorized Third Party Provider only.   Access Protection required according to classification Accessed via ITPROSEC approved Secure Access Connection (SAC) or authorized Third Party Provider only.   Access Protection required according to classification Accessed via ITPROSEC approved Secure Access Connection (SAC) or authorized Third Party Provider Access Protection required according to classification
Hard copy  (Letter / Memo, Printed document) Facsimile transmission permitted   Documents cleared from printers, copiers and fax machines.   Documents sent outside ITPROSEC  in in general envelope using normal post Facsimile transmission permitted when sender and receiver present   Documents cleared from printers, copiers and fax machines immediately   Documents sent outside ITPROSEC  in protected envelope using normal post External distribution requires Non-disclosure Agreement (NDA)   Facsimile transmission permitted when sender and receiver present   Documents cleared from printers, copiers and fax machines immediately   Documents sent outside ITPROSEC  in protected envelope using normal post External distribution requires Non-disclosure Agreement (NDA) or Memorandum of understanding (MOU) and Business Owner approval   Facsimile transmission not permitted Documents cleared from printers and copiers immediately   Documents sent outside ITPROSEC in protected envelope or tamper evident packaging by bonded courier with delivery tracking and recipient signature required  
Voicemail Phone Conduct discussions via regular phone or mobile phone with discretion. Recipient can be identified and spoken to Information shall not be discussed in public place where it may be overheard   Conduct discussions via mobile phone with discretion. Recipient can be identified and spoken to Information shall not be discussed in public place where it may be overheard   Conduct discussions via mobile phone with discretion. Voicemail not permitted Information shall not be discussed in public place where it may be overheard   Conduct discussions via mobile phone with discretion

6.4 Transmission Protection Measures

When transmitting ITPROSEC classified information over the Internet or telecommunications networks, special protection measures are required. The Resources for Assistance section 9 provides links to some of the most common information protection tools available on the desktop. Table 5 identifies the transmission protection measures for common information assets across the classification levels.

                                                Table 5: Transmission Protection Measures

Type Low Medium High
Electronic messaging services (Email, Text, chat history etc.) Secure connection and Encryption recommended Secure connection and Encryption mandatory Secure connection and Encryption mandatory  
Electronic documents Files (DOC, XLS, PPT, PDF, TXT JPG etc.) Secure connection and Encryption recommended Secure connection or Encrypted connection mandatory   Encryption software to encrypt the files recommended Secure connection or Encrypted connection mandatory   Encryption software to encrypt the files
Databases File storage systems Applications (SQL, DB, Lotus Notes, Domino etc.) Secure connection required Secure connection and Encryption mandatory Encryption in transit recommended between servers within a ITPROSEC approved secure data center Encryption mandatory for all other transmission 
Mobile device Encryption recommended Encryption mandatory Secured in locked container, cabinet or drawer when not in use Do not leave unattended Encryption mandatory 
Hard copy (Letter, Memo, Printed document) Secured in locked container, cabinet or drawer when not in use   Do not leave unattended Secured in locked container, cabinet or drawer when not in use   Do not leave unattended Facsimile transmission not permitted  

6.5. Receiving Information Protection Measure

When the ITPROSEC receives information from another organization, apply the ISC and safeguards as appropriate. If the information already has a security /sensitivity level applied, use the equivalent ITPROSEC safeguards.

Type Unclassified Low Medium High
Electronic messaging services (Email, Text, chat history etc.) Received marked as “Unclassified” or “Public”, mark to ITPROSEC level as “Unclassified” Received marked as “Internal, or ‘Protected”, give same safeguard or ITPROSEC level “Low”   Received marked as “Confidential’, or ‘Top Protected”, give ITPROSEC safeguard level as “Medium”.   Received marked as “Highly Confidential’, or ‘Highly Protected”, give ITPROSEC safeguard level as “High”.  
Electronic documents Files (.doc, xls, PPt, pdf, txt, jpg etc.)   Received marked as “Unclassified” or “Public”, mark to ITPROSEC level as “Unclassified Received marked as “Internal, or ‘Protected”, give same safeguard or ITPROSEC level “Low”   Ensure the documents are secure electronically Received marked as “Confidential’, or ‘Top Protected”, give ITPROSEC safeguard level as “Medium”.   Ensure the documents are secure or Encryption recommended Received marked as “Highly Confidential’, or ‘Highly Protected”, give ITPROSEC safeguard level as “Medium”.   Ensure the documents are secure or Encryption Mandatory
Hard copy (Letter / Memo, Printed document) Received marked as “Unclassified” or “Public”, mark to ITPROSEC level as “Unclassified” Received marked as “Internal, or ‘Protected”, give same safeguard or ITPROSEC level “Low”   Do not leave unattended Received marked as “Confidential’, or ‘Top Protected”, give ITPROSEC safeguard level as “Medium”.   Secured in locked container, cabinet or drawer when not in use   Do not leave unattended Received marked as “Highly Confidential’, or ‘Highly Protected”, give ITPROSEC safeguard level as “High”.   Secured in locked container, cabinet or drawer when not in use Do not leave unattended

6.6 Disposal / Storage Media Reuse Protection Measures

As required by the Information Security Classification and by the ITPROSEC – Record Retention Schedules, paper records, storage devices, and removable media that are no longer needed shall undergo a deletion process such that sensitive information cannot be reconstructed or recovered after use. Depending on the information asset, each may need a different type of disposal protection measure. Please consult IT for assistance with deletion and disposal measures for media and mobile devices. Table 6 identifies disposal protection measures for common information assets across the classification levels.

                                    Table 6: Disposal / Storage Media Reuse Protection Measure

Type Low Medium High
Removable media and hard drives   Data irretrievably deleted or media destroyed CD/ DVD media destroyed (e.g., shred, cut, break, etc.) Data irretrievably deleted or media destroyed CD/ DVD media destroyed (e.g., shred, cut, break, etc.) Data irretrievably deleted or media destroyed CD/ DVD media destroyed (e.g., shred, cut, break, etc.)
Mobile device   Data irretrievably deleted prior to reuse or destruction Data irretrievably deleted prior to reuse or destruction Data irretrievably deleted prior to reuse or destruction
Hard copy     Cross cut shredding or ITPROSEC approved secure waste disposal service Cross cut shredding or ITPROSEC approved secure waste disposal service   Cross cut shredding or ITPROSEC approved secure waste disposal service  
Voicemail Phone Messages erased when no longer required Messages erased when no longer required Voicemail not permitted  

6.7 Uses Away From ITPROSEC Premises

It is not permitted to remove classified information from the ITPROSEC premises. If for any reason, the information needs to be taken away such as for a meeting or a conference outside of the ITPROSEC, special care should be taken to ensure that the ITPROSEC classified information is not compromised in vehicles, conference centres, meeting rooms or public places, including any other area outside of the ITPROSEC premises. Table 7 identifies off-premises protection measures across the classification levels.

                                        Table 7: Use Away from ITPROSEC Premises

Type Low Medium High
Authorization Approved Individual / group   Requires business owner authorization for use away from ITPROSEC Premises Approved Individual / group   Requires business owner authorization for use away from ITPROSEC Premises Select approved Individual   Requires business owner authorization for use away from ITPROSEC premises  
All electronic storage media and mobile devices   Keep information in encrypted removable media, mobile devices, secured using physical locks or on-person when not in use     Do not disclose or leave unattended   Encryption device is mandatory for information stored on removable media or mobile devices Keep information in encrypted removable media, mobile devices physically locked away, secured using physical locks or on-person when not in use   Do not disclose or leave unattended   Encryption mandatory for information stored on removable media or mobile devices Keep information in encrypted removable media or mobile,  devices physically locked away, secured using physical locks or on person when not in use   Must not disclose or leave unattended   Encryption mandatory for information stored on removable media or mobile devices

Access control refers to permissions and limitations for disclosing ITPROSEC classified information. Access to information stored in the ITPROSEC Systems is addressed by assigning privileges based on the individual’s “need to know” and their role. Table 8 identifies the measures required to manage and track access and disclosure activities for ITPROSEC information across the classification categories.

                                                Table 8: Access Protection Measures

Type Low Medium High
User authentication User access with unique user ID and password   A strong authentication required to access internal ITPROSEC applications remotely   Password encrypted in transmission and storage User access with unique user ID and password   A strong or two factor authentication required to access internal ITPROSEC applications remotely   Password encrypted in transmission and storage User access with unique user ID and password   Second authentication required to confirm access or Two-factor authentication required to access internal ITPROSEC applications remotely   Password encrypted in transmission and storage
User authorization and access control Business Owner’s approval required Access granted based on need to know   At a minimum, security assigned by group. (User receives all access privileges assigned to the group.) Business Owner, or designated Business Steward, approval required Access granted based on need to know   At a minimum, security assigned by group. (User receives all access privileges assigned to the group.) Business Owner/ Manager approval mandatory   Access granted based on need to know   Security group or individual based on role in function or organization  
User access reviews Access reviews conducted every six (6) months Access reviews conducted every six (6) months Access reviews conducted every three (3) months  
System security logs   Log security relevant access or actions   Logs subject to records retention requirements as appropriate   Log security relevant access or actions   Logs subject to records retention requirements as appropriate                                Log security relevant access or actions; continual security monitoring for unauthorized activity and intrusions mandatory   Logs subject to records retention requirements as appropriate

Note: Classified systems must comply with ITPROSEC Security Baselines (or equivalent). See the Technical Security Baselines for additional information.

8.1 Information Security:

The Information Security Office (ISC) who oversees the ITPROSEC information Security Program and maintain overall security by:

  • Developing and implementing ITPROSEC wide information security program.
  • Documenting and disseminating information Security policies, procedures, standards and guidelines.
  • Identifying, reviewing risk associated to the operational or the change and providing necessary recommendation.
  • Coordinating the development and implementation of ITPROSEC information security training and awareness program
  • Coordinate a response to actual or suspected breaches in the confidential, integrity or availability of ITPROSEC Data.

8.2 Data Steward:

A Data Steward who oversees the lifecycle of one more sets of ITPROSEC Data. Responsibility of Data Steward includes the following:

  • Serves, Commission-wide, as the central point of contact and knowledge for the data under their stewardship
  • Is responsible for implementing DG practices and solutions – including participating in the change of Branch / Office business processes – as mandated by the DG Steering Committee and directed by the DGWG
  • Is responsible for providing and maintaining data definitions
  • Is responsible for attainment of metrics set for data by the DG Steering Committee
  • Is able to prioritize issues related to the data in their stewardship
  • Identifies/defines mandatory/critical data elements that need to be measured or treated separately
  • Maintains and updates DQ & MDM business rules
  • Identifies, manages and escalates as needed critical data management issues and risks
  • Together with Data Owners, identifies resources to participate in data-related issue resolution
  • Together with Data Owners, reviews and provides input to data model for their data domain
  • Target ITPROSEC organizational alignment: Manager

8.3 Data Owner:

A Data Owner has administrative control and has been officially designated as accountable for a specific information asset dataset with the following definition:

  • Accountable for the definition, quality, and compliance to standards/regulations of the data in their data domain[1]
  • The goal of the Data Owner to ensure that the data within their domain is fit for use by ensuring that DG Practices {i.e. Policies, Standards, Processes, and Procedures in DG, DQ, MM and MDM/RDM} are deployed. This includes the following key tasks:
    • Ensures that data definitions are provided by Data Stewards for the data domain
    • Contributes to and approves data duplicate identification (i.e. matching and survivorship rules) for master data in their domain
    • Together with Data Stewards, identifies and mobilizes resources to participate in data-related issue resolution
    • May contribute to data access policies and controls within their data domain, along with whoever manages this agenda within IT
  • Ideally, understands usage, consumption and value of data in their ownership across the broader organization
  • Familiar with Data Management and Governance roles, principles and processes
  • Contributes to identifying the scope of a domain
  • Proposes Data Steward appointments to the DG Steering Committee
  • Provides agreed-upon reporting on DG performance metrics for their domain (i.e. DQ, MM, MDM/RDM, compliance) to the DG Steering Committee
  • Proposes feedback to and seeks clarification about policies, processes and procedures related to the data in their domain from DGWG and the DG Steering Committee

8.4 Records and Information Management:

Records and Information Management is a unit in the ITPROSEC which provides records management advice, support, and services to staff such as:

  • Reference and retrieval
  • Information and records management compliance advice and best practices guidance
  • Secure shredding of paper documents
  • Secure destruction of electronic media.

The following resources provide additional guidance for protecting the ITPROSEC information:

  • ITPROSEC Information and Records Management Policy
  • ITPROSEC Employee Information Security Handbook v0.9 DRAFT.docx
  • ITPROSEC Data Governance Program Framework
  • ITPROSEC Technical Security Baselines
  • ITPROSEC Records Retention Schedules
  • Protecting ITPROSEC Information When Outside the Office
  • Freedom of Information and Protection of Privacy Act

Appendix A –Terms and Definitions

This appendix identifies commonly used terms used throughout this standard.

Term Definition
Application A software program that performs a specific function directly for a user.  
Authentication/Two-factor Authentication The process of verifying the identity or other attributes claimed or assumed by a user.  
Authorized third party provider A non-Employee or entity in a contractual arrangement for specific services with the ITPROSEC.  
ITPROSEC approved secure data center A facility operated by or on behalf of ITPROSEC whose sole function, operation, or use involves information technology equipment, systems and services. It utilizes a variety of environmental and operational measures for information storage, processing, transmission, and protection, and must meet a minimum of twelve (12) controls to be considered ITPROSEC approved.  
Electronic messaging services Services providing interpersonal communications capability to conduct ITPROSEC business. Electronic messaging services include, but are not limited to, electronic mail, text messaging, online chat, electronic fax, and other similar electronic communications services.  
Encryption in transit The protection of information at its point of origin and intended destination that cannot be read by someone or an application that is not authorized to it.  
Encryption software The content of the documents, pictures or files are protected by enabling password or compression with encryption. Some of encryption capable software are WinZip, WinRar, Word, Excel etc.  
Enterprise database system A collection of programs used to enter, organize, and select data in a database, and is licensed for business use. Examples of enterprise database systems include IBM DB2 Enterprise Server, Oracle Database, and Microsoft SQL Server Enterprise.  
File storage system A physical device used for large scale implementation onto which information is recorded or stored.  
Mobile device A portable computing and communications device with information storage capability. Mobile device includes, but is not limited to, laptop computer, smartphone, tablet computer, cellular telephone, digital camera, and audio recording device.  
Removable media Any electronic information storage device used to store data for specific and legitimate purposes. Removable media includes, but is not limited to: magnetic storage devices such as back-up tapes, floppy disks, removable hard drives; cartridges, including digital audio tape (DAT), optical disks in compact disc (CD) and digital video disc (DVD) format; static memory devices such as flash memory cards, USB flash drives, and thumb key drives;  
Secure access connection A secure network connection that is connect between ITPROSEC network and from the outside public network such as the Internet or other non-ITPROSEC networks (e.g. GoToMyPC). Its purpose is to secure connection from the remote users from getting access to ITPROSEC information assets.  
Third Parties Third parties entities/companies work with ITPROSEC such as Manage Service provider, Data center provider, outsourcer or external professional services.

Appendix B –Protection Measures Summary

This appendix summarizes the protection measures required for each information data classification and control. This reference is intended for all Employees and Third Parties who works/handles with ITPROSEC information.

Refer to the ITPROSEC Record and Information Policy for classification, Freedom of Information and Protection of Privacy Act for requirements for the collection, use, disclosure and protection of information classified as “Personal Information.”

http://www.ITPROSEC.com/en/statements_privacy_index.htm

http://intranet.ITPROSEC.com/5793.htm

ELECTRONIC MESSAGING SERVICES ELECTRONIC DOCUMENTS / FILES   DATABASES/ FILE STORAGE SYSTEMS/ APPLICATION REMOVABLE MEDIA   MOBILE DEVICE   HARDCOPY   VOICEMAIL / PHONE   DISPOSAL  
For Internal Use             Mark ‘Low’ or in the Message Sensitivity setting, where available, or Subject line   Encryption recommended Mark ‘Low’ or ‘Internal’ on every page, view, or document meta-data   Encryption recommended Mark ‘Low’ or ‘Internal’ in meta-data, online screen displays and reports Encryption recommended Accessed via ITPROSEC approved Secure Connection Method (GoToMyPC) or authorized Third Party Provider Mark ‘Low’ or ‘Internal’ on exterior / adhesive label, where feasible Encryption recommended Secured in locked container, cabinet or drawer when not in use   Do not leave unattended Encryption recommended   Do not leave unattended Mark ‘Low’ or ‘Internal’ on every page Secured in locked container, cabinet or drawer when not in use Facsimile transmission permitted when sender and receiver present Sent in protected envelope using normal post   Do not leave unattended Recipient can be identified and spoken to Voicemail identifies classification; messages deleted when no longer required Information not discussed in public place where it may be overheard Discussions via mobile phone conducted with discretion                 Data on removable media, mobile devices, and hard drives irretrievably deleted prior to reuse or destruction Cross cut shredding or ITPROSEC approved secure waste disposal service mandatory for hard copy documents      
High Mark ‘High’ in the Message Sensitivity setting, where available, or Subject line   Encryption mandatory Mark ‘High’ on every page, view, or document meta-data   Encryption mandatory Mark ‘High’ in meta-data, online screen displays and reports Encryption recommended for enterprise database systems within ITPROSEC approved secure data center; otherwise encryption device or mandatory Encryption in transit recommended between servers within ITPROSEC approved secure data center; otherwise encryption mandatory Accessed via ITPROSEC approved Secure Access Method ‘GoToMyPC’ or authorized Third Party Provider only Mark ‘High’ on exterior / adhesive label, where feasible Encryption mandatory Secured in locked container, cabinet, drawer, or safe when not in use   Do not leave unattended Encryption mandatory   Do not leave unattended Mark ‘High’ on every page Secured in locked container, cabinet, drawer, or safe when not in use Facsimile transmission not permitted Sent in protected envelope or tamper evident packaging by bonded courier; delivery tracking and recipient confirmation required   Do not leave unattended Voicemail not permitted Information not discussed in public place where it may be overheard Discussions conducted via mobile phone with discretion Data on removable media, mobile devices, and hard drives irretrievably deleted prior to reuse or destruction Cross cut shredding or ITPROSEC approved secure waste disposal service mandatory for hard copy documents


Appendix C –Information Classification Examples

This appendix lists the official classifications in use at ITPROSEC. For questions regarding classification of information not listed in this appendix, please contact the business owner or business steward for the appropriate business function.

Sensitivity Level Risk Access Protective Safeguards  
Unclassified None Public None  
Low Low Internal employee use only Consult with business owner  
Medium Medium Select /Approved Group of Employees Consult with business owner / Record and Information   Consider using protective safeguards like Follow-You printing or header/footer
High High Select/Approved Individuals Consult with business owner /Record and Information   Apply header or footer with sensitivity level   Use Follow-You printing   Do not use Inter-Office Mail   Identify sensitivity level in the subject of an email or body.
Functional Area Medium High
Legal Regulatory Report Legal Notice Enforcement information of the company or director
Finance ITPROSEC Financial report Negotiation or Financial information submitted for Merger & Acquisition (M&A)
Human Resources Completed employee performance reviews Investigation on Employees
Information Technology Security Policy, Procedures, Standard Technical Security Baseline System Architecture diagrams   ITPROSEC network design, IP address, documents, system security configuration, parameters ITPROSEC internal IP address, network password
Executive Executive Travel Plans Confidential information submitted for Derivatives, Merger and Acquisition (M&A)
http://intranet.ITPROSEC.com/3377.htm

http://intranet.ITPROSEC.com/5467.htm

http://intranet.ITPROSEC.com/documents/HowTo_MI_AppropriateUseOfITPROSECInformationAndComputingResourcesPolicy_20141215_(updated_20140114).pdf

For details contact [email protected] or at Ext. 3735 or [email protected] or at Ext. 3779

APPENDIX D- Roles and Responsibilities

All employees working at the ITPROSEC must maintain accurate and reliable records that fairly reflect all of our business transactions in order to meet our legal and financial obligations.

Employees must be aware of and understand the Data Classification and Control Policy, Information and Records Management Policy.  

For more information, visit the links below:

http://intranet.ITPROSEC.com/4412.htm

http://intranet.ITPROSEC.com/documents/HowTo_MI_ITPROSECInformationAndRecordsManagementPolicy2017_RecordsOfficerDescription.pdf

http://ITPROSECer/otcs/livelink.exe/properties/3515891

APPENDIX E- Resources for Assistance

ITPROSEC Information and Records Management Policy

Enterprise Connect\ITPROSECer\Enterprise\Corporate Services\Information Services\00 Records and Information Management

ITPROSEC Employee Information Security Handbook v0.9 DRAFT.docx

Enterprise Connect\ITPROSECer\Enterprise\Corporate Services\Information Services\18 –

Security\Employee Information Security Handbook

ITPROSEC Data Governance Program Framework

http://ITPROSECer/otcs/livelink.exe/properties/3515891

ITPROSEC Technical Security Baselines

Enterprise Connect\ITPROSECer\Enterprise\Corporate Services\Information Services\18 – Security\Information Security Standards

ITPROSEC Records Retention Schedules

http://intranet.ITPROSEC.com/5477.htm

Freedom of Information and Protection of Privacy Act

https://www.ontario.ca/laws/statute/90f31

       Protecting ITPROSEC Information When Outside the Office

http://intranet.ITPROSEC.com/4002.htm

          Guidelines on Protecting ITPROSEC Information When Outside the ITPROSEC.


[1] For more on Data Domains, please see Section 4.5.1 Structure of Data Ownership & Accountability below.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: