My organisation tries to implement the ISO-27002, but I have a problem with the IT staff and external consultants about "Information Assets Classification and Controls".
I consider "Information Assets Classification and Controls" from a records management point of view, in relation with the classification scheme of functions and activities.
Someone who has experience in ISO 27002 could tell me if this view is correct?
Thanks!
Lluís-Esteve Casellas i Serra
Head of Records and Archives Management
Manager Data Security
Servei de Gestió Documental, Arxius i Publicacions (SGDAP)
Ajuntament de Girona. Plaça del vi, 1. 17004 GIRONA (CATALONIA - Spain)
Tel. +34 972 419 434 - Fax +34 972 01 02 04 // Ext. 1238
http://www.ajuntament.gi/sgdap
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]