Information classification - Work in progress

Information security aims to secure that risks, disturbances and threats directed towards university information resources are identified and handled to minimize negative consequences regarding availability, confidentiality and accuracy.

Information classification is the basis to give information the necessary protection. Information is classified by the function and importance it has and the consequences that will occur if the information is improperly handled, disappears, end up in the wrong hands, corrupted etc.

Risk and threat scenario analyses (rev. 2018-02-13).
Risk analyses gives the opportunity for a structured analysis of factors that might cause disturbances, as well as help selecting alternative methods to reduce risks.

See also our short nanolearning on information classification and analysis or the presentation from our workshop (2018-03-08)

Rutiner för säker informationshantering (PDF), inkl användning av molntjänster (Rev. 2018-03-23)

Instructions for information classification (PDF). With the instructions come:

Risk and threat scenario analyses

Risk and threat scenario instructions. With these instructions come:

Self control checklists for IT-systems

Instructions on how to work with the checklist. With the instructions come:

IT security

Information regarding technical security, system configurations, how to protect your computer, malware, how to report IT security incidentes etc.

Risk management

Risk management process with yearly reports

Information - written, spoken, in electronic form, all kinds of research data, examinations etc - is an asset that, like physical properties and personnell is vital to to maintain the university activities.