Information Classification in Swedish Governmental Agencies: Analysis of Classification Guidelines
Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Information classification deals with the handling of sensitive information, such as patient records and social security information. It is of utmost importance that this information is treated with caution in order to ensure its integrity and security. In Sweden, the Civil Contingencies Agency has established a set of guidelines for how governmental agencies should handle such information. However, there is a lack of research regarding how well these guidelines are followed as well as if the agencies have made accommodations of these guidelines of their own. This work presents the results from a survey sent to 245 governmental agencies in Sweden, investigating how information classification actually is performed today. The questionnaire was answered by 144 agencies and 54 agencies provided detailed documents of their classification process. The overall results show that the classification process is difficult, while those who provided documents proved to have good guidelines, but not always consistent with the existing recommendations.
Place, publisher, year, edition, pages
2015. , 36 p.
Information Security Management Systems, Information Classification, Classification Guidelines, ISO/IEC 27000, Governmental agencies
Computer and Information Science
IdentifiersURN: urn:nbn:se:his:diva-11493OAI: oai:DiVA.org:his-11493DiVA: diva2:851843
Subject / course
Network and Systems Administration