This chapter covers the following topics:
Asset Security Concepts: Concepts discussed include data policy, roles and responsibilities, data quality, and data documentation and organization.
Identify and Classify Information and Assets: Classification topics discussed include data and asset classification, sensitivity and criticality, private sector classifications, military and government classifications, the information life cycle, databases, and data audit.
Information and Asset Ownership: Discusses determining and documenting information and asset ownership.
Protect Privacy: Components include owners, data processors, data remanence, and collection limitation.
Asset Retention: Retention concepts discussed include ...