ISO 27001 Implementation Guidance: Classification vs Labelling

A fundamental building block of most Information Security Management Systems is an information classification, labelling and handling scheme. A classification scheme is a means of differentiating between information of differing sensitivity, and these will have labels applied to them, common examples are 'confidential', 'sensitive', 'internal', and 'public'. This should then be supplemented by guidance on how information of these differing classifications are to be handled (