SlideShare a Scribd company logo

Clasify information in education field

Nebojsa Stefanovic
Nebojsa Stefanovic

Each information is a set of new data about a fact or event, hitherto unknown by increasing the knowledge increment. In the field of education and knowledge, information is created, transmitted and received extremely dynamically. The paper describes the procedures for categorizing information sets according to the set security goals represented in the field of education, transferring levels of influence higher or lower than the default based on the magnitude of the damage caused by compromising information. Due to the fact that the level of influence of information is related to the activity of the Commissioner for Information of Public Importance, when analyzing the content, there is a compromise of different types of information.

Government & Nonprofit
1 of 22
Download to read offline
CLASSIFICATION OF INFORMATION IN EDUCATION FIELD Prof. NEBOJŠA STEFANOVIĆ
DEFINITION AND CLASSIFICATION OF INFORMATION • A set of new data about a fact, an event that increases The former level of knowledge. • Area of education is particularly dynamic In the receipt and exchange of information. • Setting security objectives. • The method receives information which unambiguously corresponding categorical tag represents the degree of sensitivity of information classification. • In accordance with a defined level of categories of managed information. 2
CLASSIFICATION OF INFORMATION - TYPES SECRECY –PRESENT SITUATION • The level of impact of information is associated with the activities of the commissioner for information of public importance and personal data protection • Area classification is regulated by the law legislation. • Generally, information according to the type of secrecy are divided into the following categories: • ARMY, • STATE, • OFFICIAL. 3
TYPES AND DEGREE SECRECY OF INFORMATION Certain types of classification to be added • Business and • Professional secret. The degree of secrecy is generally defined as state, strictly confidential, confidential and internal without determining the degree of classification. Wrong assumption that all other information that does not belong to the above treated as public information, phone numbers, addresses, .. (except personal). 4
INFORMATIONS - INFORMATION SYSTEMS Different approach presented in this paper is based primarily on the integration of informations - information systems (IS) is based on a holistic approach to classifying information, the establishment of sustainable processes and operational implementation of categorization. 5
SAFETY CATEGORY Security categories are based on the potential impact of events on the institution that endanger information and IS in accomplishing assigned tasks, asset protection, fulfillment of legal obligations and maintenance functions and the protection of individuals. The proposed three levels of influence • LOW, • MODERATE AND • HIGH 6
SECURITY OBJECTIVES Mandatory security objectives are: • CONFIDENTIALITY, • INTEGRITY AND • THE AVAILABILITY OF INFORMATION Definitions: CONFIDENTIALITY - Represents preserving authorized restrictions on information access and disclosure, including means for personal privacy and information about property ownership. The loss of confidentiality is the unauthorized disclosure of information.7
SECURITY OBJECTIVES • INTEGRITY - Is protection of the improper information modification or destruction of information, and includes providing information of authentication and non-repudiation. Loss of integrity is the unauthorized modification or destruction of data. • AVAILABILITY - Is the provision of timely and reliable access to and use of information. The loss of availability to interrupt access to or use of data or availability of an information system. 8
LEVEL OF INFLUENCE • The potential impact is low if the loss of confidentiality, integrity and availability of such is to be expected limited negative impact on business operations, assets, or individuals. • The potential impact is moderate if the loss of confidentiality, integrity and availability such that it can be expected to have a serious negative impact on business operations, assets, or individuals and can cause significant drop capabilities in scope and duration that the institutions are able to perform as its primary function, 9
LEVEL OF INFLUENCE • The potential impact is high if the loss of confidentiality, integrity and availability such that it can be expected to have a severe or catastrophic adverse effect on the operations or individuals. • Serious or catastrophic adverse effect means that, loss of confidentiality, integrity and availability may cause a serious decline or loss of ability in relation to the scope and duration so that the institution is unable to perform one or more of its basic functions and result in great damage on resources, large financial losses or cause a serious or catastrophic harm to individuals resulting in death or serious life threatening injuries. 10
SECURITY CATEGORY EXPRESSION FORM SAFETY CATEGORY(TYPEOFINFORMATION) = {[(COFIDENTIALITY, INFLUENCE,); (INTEGRITY, INFLUENCE); (AVAILABILITY, INFLUENCE)} 11
A METHOD OF CATEGORIZING • The methodology used to identify the type of information is as follows: • Identifying core business areas and tasks which supports IS considered; • Identifying the internal and / or external operations for each business area and the assigned task, area or business flows and description of IS in functional terms; • Identifying sub function necessary for the performance of each business areas or activities; • Identifying the main types of information with the identified sub-functions where necessary. 12
13 1 2 3 5 IDENTIFY THE TYPE OF INFORMATION CHOOSE THE TEMPORARY LEVE IMPACT INFORMATION CRITICAL EVELUATION ALLOCATED TO LEVEL OF INFLUENCE INFORMATION HARMONIZE LEVEL IMPACT OF INFORMATION ASSIGN SECURITY CATEGORY OF INFORMATION RECOMMENDATION FOR LEVEL IMPACT OF THE INFORMATION SYSTEM 4 RECOMENDATION FOR LEVEL IMPACT COMMON TYPE OF INFORMATION RECOMENDATION FOR LEVEL ON INFLUENCE OF SPECIFIC TYPE OF INFORMATION ASSIGN SAFETY LEVEL INFORMATION SYSTEM
IMPLEMENTATION OF CLASSIFICATION • For the classification of confidential information in each educational institution it is necessary to establish a special expert working group to identify confidential information, ways of storing, transmitting, copying and destroying them. 14
MANAGEMENT • Operating results of educational institutions consist of common and specific types of information. 15
Management Information and technology management Information resource management Development system Human Resource Management Life Cycle / Change Management Human Resource Management IT security Manage earnings / expense reimbursements Information management information Training and development resources Financial management Manage confidentiality checks Accounting Employment Finances Administration Management Collections and receivables Facility Management / Time / Equipment Asset and Liability Management Ancillary services of the institution Reporting and information Security Supply Chain Management Management Procurement of goods Workplace Management and Development Policy Inventory control Maintenance system Procurement service Logistics management 16 THE BUSINESS MODEL OF EDUCATIONAL INSTITUTIONS
OTHER FACTORS When the educational institution determines the level of influence and categorize safety by applying the above criteria, considering the effects on safety for each type of information, analyzing the aforementioned conditions in the table below: • Factors confidentiality common information • Factors integrity common information: • Factors availability of common information 17
CATEGORIZATION OF INFORMATION IN EDUCATION FIELD. SECURITY OBJECTIVES LOW MODERATE HIGH Confidentiality Keeping the authorized limit access to information and discovery, including the means for personal privacy and ownership information. Unauthorized disclosure of information may have limited negative impact on business operations, assets, or individuals. Unauthorized disclosure of information may have a serious negative impact on business operations, assets, or individuals. Unauthorized disclosure could have serious or catastrophic bad impact on business operations, assets, or individuals. Integrity Storing information from unauthorized modification or destruction, and includes ensuring non-repudiation and authenticity of information. Unauthorized modification or destruction of information can have a limited negative impact on business operations, assets, or individuals. Unauthorized modification or destruction of information can have a serious negative impact on business operations, assets, or individuals. Unauthorized modification or destruction of information can have a severe or catastrophic adverse effect on business operations, assets, or individuals. Availability The provision of timely and reliable access to and use of information. Obstruction of access to information system or the use of data or may have a limited negative impact on business operations, assets, or individuals. Obstruction of access to information system or use of data can have a serious negative impact on business operations, assets, or individuals. Obstruction of access to information system or use of data can have serious negative or disastrous bad impact on business operations, assets, or individuals. 18
RECOMMENDED SECURITY LEVEL INFORMATION Security categorization support the transfer of inf. Confidentiality Integrity Availability Public affairs Relations with local government / Ministry Moderate Moderate Low Jobs educational institutions Execution of the function of education Low Low Low Human Resources Management Strategy and Human resource management Low Low Low Internal risk management services Recovery costs of information system Moderate Low Low Information and management system System development Low Moderate Low IT System maintenance Moderate Moderate Niska Maintenance of infrastructure IS Niska Moderate Moderate 19
WHICH WAY TO GO • Creating a catalog of information • Determining the degree of granulation information 20
BUSINESS AREAS MINISTRY OF EDUCATUON REPUBLIC OF SERBIA • Information in the primary, secondary and vocational education, • Information in higher education • Other types of information in education, • Information regarding counseling and types of consulting information, • Information related to permits and licenses, • Information related to the implementation and respect of legislation regarding inspection and audit, • Information about the security of certain kinds of information, • Information related to the information system and monitoring networks • Information exchange type of information, • Information of general-purpose and statistical information 21
CONCLUSION • Disorganized system of protection of information is reflected in security. • The awareness of employees about the importance of compliance with data protection regulations still not at a satisfactory level. • Adopting regulations, directives and other regulations governing protection of information and practical application in dealing with classified information and continuous training of employees in the areas of information security. • Join the categorization of information by defining security objectives. • Access and categorization of is that create, preserve, process and transmit such information. • Security categorization does not require the investment 22

Recommended

Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
Nada G.Youssef
 
Sensitive data
Sensitive dataSensitive data
Sensitive data
S.M. Towhidul Islam
 
Classifying Data to Help Secure Business Information - Template fromMicrosoft
Classifying Data to Help Secure Business Information - Template fromMicrosoftClassifying Data to Help Secure Business Information - Template fromMicrosoft
Classifying Data to Help Secure Business Information - Template fromMicrosoft
David J Rosenthal
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales Deck
Evan Francen
 
Information classification
Information classificationInformation classification
Information classification
Howard Diesel (CDMP BI, DW, DBA, Msc Elec Eng)
 
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security ProsPrivacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Nicholas Van Exan
 
20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness
Dinesh O Bareja
 
Presentation2 (2)
Presentation2 (2)Presentation2 (2)
Presentation2 (2)
ITNet
 

Recommended

Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
Nada G.Youssef
 
Sensitive data
Sensitive dataSensitive data
Sensitive data
S.M. Towhidul Islam
 
Classifying Data to Help Secure Business Information - Template fromMicrosoft
Classifying Data to Help Secure Business Information - Template fromMicrosoftClassifying Data to Help Secure Business Information - Template fromMicrosoft
Classifying Data to Help Secure Business Information - Template fromMicrosoft
David J Rosenthal
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales Deck
Evan Francen
 
Information classification
Information classificationInformation classification
Information classification
Howard Diesel (CDMP BI, DW, DBA, Msc Elec Eng)
 
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security ProsPrivacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Nicholas Van Exan
 
20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness20100224 Presentation at RGIT Mumbai - Information Security Awareness
20100224 Presentation at RGIT Mumbai - Information Security Awareness
Dinesh O Bareja
 
Presentation2 (2)
Presentation2 (2)Presentation2 (2)
Presentation2 (2)
ITNet
 
Protecting Donor Privacy
Protecting Donor PrivacyProtecting Donor Privacy
Protecting Donor Privacy
Raymond Cunningham
 
Implementing an Information Security Program
Implementing an Information Security ProgramImplementing an Information Security Program
Implementing an Information Security Program
Raymond Cunningham
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
Jasleen Khalsa
 
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgInformation Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Eric Vanderburg
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & Security
Eryk Budi Pratama
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
Nicholas Davis
 
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension Inc.
 
CISSP Certification-Asset Security
CISSP Certification-Asset SecurityCISSP Certification-Asset Security
CISSP Certification-Asset Security
Hamed Moghaddam
 
Information security
Information securityInformation security
Information security
Sanjay Tiwari
 
Introduction to Health Informatics Ch11 power point
Introduction to Health Informatics Ch11 power pointIntroduction to Health Informatics Ch11 power point
Introduction to Health Informatics Ch11 power point
bradleyl2
 
2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance 2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance
Raffa Learning Community
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1
Hamed Moghaddam
 
Resume: The Complete Guide to Cybersecurity Risks and Controls
Resume: The Complete Guide to Cybersecurity Risks and ControlsResume: The Complete Guide to Cybersecurity Risks and Controls
Resume: The Complete Guide to Cybersecurity Risks and Controls
Rd. R. Agung Trimanda
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloud
RightScale
 
Himss 2011 securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanjiHimss 2011 securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanji
Feisal Nanji
 
FRSecure Company Overview
FRSecure Company OverviewFRSecure Company Overview
FRSecure Company Overview
stevemarsden
 
Identity theft and data responsibilities
Identity theft and data responsibilitiesIdentity theft and data responsibilities
Identity theft and data responsibilities
Peter Henley
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
IJERD Editor
 
Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
Next Dimension Inc.
 
2021FSAConfSession22.pptx
2021FSAConfSession22.pptx2021FSAConfSession22.pptx
2021FSAConfSession22.pptx
ssuser4102fa
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security Program
Financial Poise
 

More Related Content

What's hot

Protecting Donor Privacy
Protecting Donor PrivacyProtecting Donor Privacy
Protecting Donor Privacy
Raymond Cunningham
 
Implementing an Information Security Program
Implementing an Information Security ProgramImplementing an Information Security Program
Implementing an Information Security Program
Raymond Cunningham
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
Jasleen Khalsa
 
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgInformation Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Eric Vanderburg
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & Security
Eryk Budi Pratama
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
Nicholas Davis
 
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension Inc.
 
CISSP Certification-Asset Security
CISSP Certification-Asset SecurityCISSP Certification-Asset Security
CISSP Certification-Asset Security
Hamed Moghaddam
 
Information security
Information securityInformation security
Information security
Sanjay Tiwari
 
Introduction to Health Informatics Ch11 power point
Introduction to Health Informatics Ch11 power pointIntroduction to Health Informatics Ch11 power point
Introduction to Health Informatics Ch11 power point
bradleyl2
 
2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance 2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance
Raffa Learning Community
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1
Hamed Moghaddam
 
Resume: The Complete Guide to Cybersecurity Risks and Controls
Resume: The Complete Guide to Cybersecurity Risks and ControlsResume: The Complete Guide to Cybersecurity Risks and Controls
Resume: The Complete Guide to Cybersecurity Risks and Controls
Rd. R. Agung Trimanda
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloud
RightScale
 
Himss 2011 securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanjiHimss 2011 securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanji
Feisal Nanji
 
FRSecure Company Overview
FRSecure Company OverviewFRSecure Company Overview
FRSecure Company Overview
stevemarsden
 
Identity theft and data responsibilities
Identity theft and data responsibilitiesIdentity theft and data responsibilities
Identity theft and data responsibilities
Peter Henley
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
IJERD Editor
 

What's hot (19)

Protecting Donor Privacy
Protecting Donor PrivacyProtecting Donor Privacy
Protecting Donor Privacy
 
Implementing an Information Security Program
Implementing an Information Security ProgramImplementing an Information Security Program
Implementing an Information Security Program
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
 
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric VanderburgInformation Security Lesson 11 - Policies & Procedures - Eric Vanderburg
Information Security Lesson 11 - Policies & Procedures - Eric Vanderburg
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & Security
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
 
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018
 
CISSP Certification-Asset Security
CISSP Certification-Asset SecurityCISSP Certification-Asset Security
CISSP Certification-Asset Security
 
Information security
Information securityInformation security
Information security
 
Introduction to Health Informatics Ch11 power point
Introduction to Health Informatics Ch11 power pointIntroduction to Health Informatics Ch11 power point
Introduction to Health Informatics Ch11 power point
 
2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance 2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1
 
Resume: The Complete Guide to Cybersecurity Risks and Controls
Resume: The Complete Guide to Cybersecurity Risks and ControlsResume: The Complete Guide to Cybersecurity Risks and Controls
Resume: The Complete Guide to Cybersecurity Risks and Controls
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloud
 
Himss 2011 securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanjiHimss 2011 securing health information in the cloud -- feisal nanji
Himss 2011 securing health information in the cloud -- feisal nanji
 
FRSecure Company Overview
FRSecure Company OverviewFRSecure Company Overview
FRSecure Company Overview
 
Identity theft and data responsibilities
Identity theft and data responsibilitiesIdentity theft and data responsibilities
Identity theft and data responsibilities
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
 

Similar to Clasify information in education field

Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
Next Dimension Inc.
 
2021FSAConfSession22.pptx
2021FSAConfSession22.pptx2021FSAConfSession22.pptx
2021FSAConfSession22.pptx
ssuser4102fa
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security Program
Financial Poise
 
Information Asset Classification .pptx
Information Asset Classification .pptxInformation Asset Classification .pptx
Information Asset Classification .pptx
DrRajapraveen
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
Anne Starr
 
Information and network security 4 osi architecture
Information and network security 4 osi architectureInformation and network security 4 osi architecture
Information and network security 4 osi architecture
Vaibhav Khanna
 
Responsible for information
Responsible for informationResponsible for information
Responsible for information
Dunton Environmental
 
NIST Privacy Engineering Working Group - Risk Model
NIST Privacy Engineering Working Group - Risk ModelNIST Privacy Engineering Working Group - Risk Model
NIST Privacy Engineering Working Group - Risk Model
David Sweigert
 
2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx
2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx
2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx
VITNetflix
 
Closing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service AnalyticsClosing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service Analytics
Privacera
 
Deconstructing Data Breach Cost
Deconstructing Data Breach CostDeconstructing Data Breach Cost
Deconstructing Data Breach Cost
Resilient Systems
 
Co3 rsc r5
Co3 rsc r5Co3 rsc r5
Co3 rsc r5
Patrick Florer
 
DATA-PRIVACY-ACT.pptx
DATA-PRIVACY-ACT.pptxDATA-PRIVACY-ACT.pptx
DATA-PRIVACY-ACT.pptx
JaeKim165097
 
Information classification
Information classificationInformation classification
Information classification
Jyothsna Sridhar
 
ISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptx
comstarndt
 
Introduction to Information Management.pptx
Introduction to Information Management.pptxIntroduction to Information Management.pptx
Introduction to Information Management.pptx
RodolfoIII2
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response Management
Don Caeiro
 
1200 clare sanderon hse ireland
1200 clare sanderon hse ireland1200 clare sanderon hse ireland
1200 clare sanderon hse ireland
investnethealthcare
 
Data Classification .pptx
Data Classification .pptxData Classification .pptx
Data Classification .pptx
shalinityagi112
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
Arianto Muditomo
 

Similar to Clasify information in education field (20)

Siskinds | Incident Response Plan
Siskinds | Incident Response PlanSiskinds | Incident Response Plan
Siskinds | Incident Response Plan
 
2021FSAConfSession22.pptx
2021FSAConfSession22.pptx2021FSAConfSession22.pptx
2021FSAConfSession22.pptx
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security Program
 
Information Asset Classification .pptx
Information Asset Classification .pptxInformation Asset Classification .pptx
Information Asset Classification .pptx
 
Dancyrityshy 1foundatioieh
Dancyrityshy 1foundatioiehDancyrityshy 1foundatioieh
Dancyrityshy 1foundatioieh
 
Information and network security 4 osi architecture
Information and network security 4 osi architectureInformation and network security 4 osi architecture
Information and network security 4 osi architecture
 
Responsible for information
Responsible for informationResponsible for information
Responsible for information
 
NIST Privacy Engineering Working Group - Risk Model
NIST Privacy Engineering Working Group - Risk ModelNIST Privacy Engineering Working Group - Risk Model
NIST Privacy Engineering Working Group - Risk Model
 
2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx
2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx
2014 NCSAM - Data Security and Compliance—What You Need to Know.pptx
 
Closing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service AnalyticsClosing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service Analytics
 
Deconstructing Data Breach Cost
Deconstructing Data Breach CostDeconstructing Data Breach Cost
Deconstructing Data Breach Cost
 
Co3 rsc r5
Co3 rsc r5Co3 rsc r5
Co3 rsc r5
 
DATA-PRIVACY-ACT.pptx
DATA-PRIVACY-ACT.pptxDATA-PRIVACY-ACT.pptx
DATA-PRIVACY-ACT.pptx
 
Information classification
Information classificationInformation classification
Information classification
 
ISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptx
 
Introduction to Information Management.pptx
Introduction to Information Management.pptxIntroduction to Information Management.pptx
Introduction to Information Management.pptx
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response Management
 
1200 clare sanderon hse ireland
1200 clare sanderon hse ireland1200 clare sanderon hse ireland
1200 clare sanderon hse ireland
 
Data Classification .pptx
Data Classification .pptxData Classification .pptx
Data Classification .pptx
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 

Recently uploaded

Practical guide for the celebration of World Environment Day on june 5th.
Practical guide for the celebration of World Environment Day on june 5th.Practical guide for the celebration of World Environment Day on june 5th.
Practical guide for the celebration of World Environment Day on june 5th.
Christina Parmionova
 
快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样
快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样
快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样
3woawyyl
 
PUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptx
PUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptxPUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptx
PUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptx
Marked12
 
2024: The FAR - Federal Acquisition Regulations, Part 38
2024: The FAR - Federal Acquisition Regulations, Part 382024: The FAR - Federal Acquisition Regulations, Part 38
2024: The FAR - Federal Acquisition Regulations, Part 38
JSchaus & Associates
 
2024: The FAR - Federal Acquisition Regulations, Part 39
2024: The FAR - Federal Acquisition Regulations, Part 392024: The FAR - Federal Acquisition Regulations, Part 39
2024: The FAR - Federal Acquisition Regulations, Part 39
JSchaus & Associates
 
AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024
Scalabrini Institute for Human Mobility in Africa
 
Border towns and spaces of (in)visibility.pdf
Border towns and spaces of (in)visibility.pdfBorder towns and spaces of (in)visibility.pdf
Border towns and spaces of (in)visibility.pdf
Scalabrini Institute for Human Mobility in Africa
 
State crafting: Changes and challenges for managing the public finances
State crafting: Changes and challenges for managing the public financesState crafting: Changes and challenges for managing the public finances
State crafting: Changes and challenges for managing the public finances
ResolutionFoundation
 
在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样
在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样
在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样
9d5c8i83
 
United Nations World Oceans Day 2024; June 8th " Awaken new dephts".
United Nations World Oceans Day 2024; June 8th " Awaken new dephts".United Nations World Oceans Day 2024; June 8th " Awaken new dephts".
United Nations World Oceans Day 2024; June 8th " Awaken new dephts".
Christina Parmionova
 
PPT Item # 4 - 434 College Blvd. (sign. review)
PPT Item # 4 - 434 College Blvd. (sign. review)PPT Item # 4 - 434 College Blvd. (sign. review)
PPT Item # 4 - 434 College Blvd. (sign. review)
ahcitycouncil
 
IEA World Energy Investment June 2024- Statistics
IEA World Energy Investment June 2024- StatisticsIEA World Energy Investment June 2024- Statistics
IEA World Energy Investment June 2024- Statistics
Energy for One World
 
快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样
快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样
快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样
yemqpj
 
在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样
在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样
在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样
yemqpj
 
Item # 10 -- Historical Presv. Districts
Item # 10 -- Historical Presv. DistrictsItem # 10 -- Historical Presv. Districts
Item # 10 -- Historical Presv. Districts
ahcitycouncil
 
原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样
原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样
原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样
ii2sh2v
 
PPT Item # 7 - 231 Encino Avenue (sign. review)
PPT Item # 7 - 231 Encino Avenue (sign. review)PPT Item # 7 - 231 Encino Avenue (sign. review)
PPT Item # 7 - 231 Encino Avenue (sign. review)
ahcitycouncil
 
CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054
CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054
CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054
Congressional Budget Office
 
CFYT Rolling Ads Dawson City Yukon Canada
CFYT Rolling Ads Dawson City Yukon CanadaCFYT Rolling Ads Dawson City Yukon Canada
CFYT Rolling Ads Dawson City Yukon Canada
pmenzies
 
Transit-Oriented Development Study Working Group Meeting
Transit-Oriented Development Study Working Group MeetingTransit-Oriented Development Study Working Group Meeting
Transit-Oriented Development Study Working Group Meeting
Cuyahoga County Planning Commission
 

Recently uploaded (20)

Practical guide for the celebration of World Environment Day on june 5th.
Practical guide for the celebration of World Environment Day on june 5th.Practical guide for the celebration of World Environment Day on june 5th.
Practical guide for the celebration of World Environment Day on june 5th.
 
快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样
快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样
快速办理(Bristol毕业证书)布里斯托大学毕业证Offer一模一样
 
PUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptx
PUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptxPUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptx
PUBLIC FINANCIAL MANAGEMENT SYSTEM (PFMS) and DBT.pptx
 
2024: The FAR - Federal Acquisition Regulations, Part 38
2024: The FAR - Federal Acquisition Regulations, Part 382024: The FAR - Federal Acquisition Regulations, Part 38
2024: The FAR - Federal Acquisition Regulations, Part 38
 
2024: The FAR - Federal Acquisition Regulations, Part 39
2024: The FAR - Federal Acquisition Regulations, Part 392024: The FAR - Federal Acquisition Regulations, Part 39
2024: The FAR - Federal Acquisition Regulations, Part 39
 
AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024
 
Border towns and spaces of (in)visibility.pdf
Border towns and spaces of (in)visibility.pdfBorder towns and spaces of (in)visibility.pdf
Border towns and spaces of (in)visibility.pdf
 
State crafting: Changes and challenges for managing the public finances
State crafting: Changes and challenges for managing the public financesState crafting: Changes and challenges for managing the public finances
State crafting: Changes and challenges for managing the public finances
 
在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样
在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样
在线办理美国乔治华盛顿大学毕业证(gwu毕业证书)学历学位证书原版一模一样
 
United Nations World Oceans Day 2024; June 8th " Awaken new dephts".
United Nations World Oceans Day 2024; June 8th " Awaken new dephts".United Nations World Oceans Day 2024; June 8th " Awaken new dephts".
United Nations World Oceans Day 2024; June 8th " Awaken new dephts".
 
PPT Item # 4 - 434 College Blvd. (sign. review)
PPT Item # 4 - 434 College Blvd. (sign. review)PPT Item # 4 - 434 College Blvd. (sign. review)
PPT Item # 4 - 434 College Blvd. (sign. review)
 
IEA World Energy Investment June 2024- Statistics
IEA World Energy Investment June 2024- StatisticsIEA World Energy Investment June 2024- Statistics
IEA World Energy Investment June 2024- Statistics
 
快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样
快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样
快速办理(UVM毕业证书)佛蒙特大学毕业证学位证一模一样
 
在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样
在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样
在线办理(ISU毕业证书)爱荷华州立大学毕业证学历证书一模一样
 
Item # 10 -- Historical Presv. Districts
Item # 10 -- Historical Presv. DistrictsItem # 10 -- Historical Presv. Districts
Item # 10 -- Historical Presv. Districts
 
原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样
原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样
原版制作(Hope毕业证书)利物浦霍普大学毕业证文凭证书一模一样
 
PPT Item # 7 - 231 Encino Avenue (sign. review)
PPT Item # 7 - 231 Encino Avenue (sign. review)PPT Item # 7 - 231 Encino Avenue (sign. review)
PPT Item # 7 - 231 Encino Avenue (sign. review)
 
CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054
CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054
CBO’s Outlook for U.S. Fertility Rates: 2024 to 2054
 
CFYT Rolling Ads Dawson City Yukon Canada
CFYT Rolling Ads Dawson City Yukon CanadaCFYT Rolling Ads Dawson City Yukon Canada
CFYT Rolling Ads Dawson City Yukon Canada
 
Transit-Oriented Development Study Working Group Meeting
Transit-Oriented Development Study Working Group MeetingTransit-Oriented Development Study Working Group Meeting
Transit-Oriented Development Study Working Group Meeting
 

Clasify information in education field

  • 1. CLASSIFICATION OF INFORMATION IN EDUCATION FIELD Prof. NEBOJŠA STEFANOVIĆ
  • 2. DEFINITION AND CLASSIFICATION OF INFORMATION • A set of new data about a fact, an event that increases The former level of knowledge. • Area of education is particularly dynamic In the receipt and exchange of information. • Setting security objectives. • The method receives information which unambiguously corresponding categorical tag represents the degree of sensitivity of information classification. • In accordance with a defined level of categories of managed information. 2
  • 3. CLASSIFICATION OF INFORMATION - TYPES SECRECY –PRESENT SITUATION • The level of impact of information is associated with the activities of the commissioner for information of public importance and personal data protection • Area classification is regulated by the law legislation. • Generally, information according to the type of secrecy are divided into the following categories: • ARMY, • STATE, • OFFICIAL. 3
  • 4. TYPES AND DEGREE SECRECY OF INFORMATION Certain types of classification to be added • Business and • Professional secret. The degree of secrecy is generally defined as state, strictly confidential, confidential and internal without determining the degree of classification. Wrong assumption that all other information that does not belong to the above treated as public information, phone numbers, addresses, .. (except personal). 4
  • 5. INFORMATIONS - INFORMATION SYSTEMS Different approach presented in this paper is based primarily on the integration of informations - information systems (IS) is based on a holistic approach to classifying information, the establishment of sustainable processes and operational implementation of categorization. 5
  • 6. SAFETY CATEGORY Security categories are based on the potential impact of events on the institution that endanger information and IS in accomplishing assigned tasks, asset protection, fulfillment of legal obligations and maintenance functions and the protection of individuals. The proposed three levels of influence • LOW, • MODERATE AND • HIGH 6
  • 7. SECURITY OBJECTIVES Mandatory security objectives are: • CONFIDENTIALITY, • INTEGRITY AND • THE AVAILABILITY OF INFORMATION Definitions: CONFIDENTIALITY - Represents preserving authorized restrictions on information access and disclosure, including means for personal privacy and information about property ownership. The loss of confidentiality is the unauthorized disclosure of information.7
  • 8. SECURITY OBJECTIVES • INTEGRITY - Is protection of the improper information modification or destruction of information, and includes providing information of authentication and non-repudiation. Loss of integrity is the unauthorized modification or destruction of data. • AVAILABILITY - Is the provision of timely and reliable access to and use of information. The loss of availability to interrupt access to or use of data or availability of an information system. 8
  • 9. LEVEL OF INFLUENCE • The potential impact is low if the loss of confidentiality, integrity and availability of such is to be expected limited negative impact on business operations, assets, or individuals. • The potential impact is moderate if the loss of confidentiality, integrity and availability such that it can be expected to have a serious negative impact on business operations, assets, or individuals and can cause significant drop capabilities in scope and duration that the institutions are able to perform as its primary function, 9
  • 10. LEVEL OF INFLUENCE • The potential impact is high if the loss of confidentiality, integrity and availability such that it can be expected to have a severe or catastrophic adverse effect on the operations or individuals. • Serious or catastrophic adverse effect means that, loss of confidentiality, integrity and availability may cause a serious decline or loss of ability in relation to the scope and duration so that the institution is unable to perform one or more of its basic functions and result in great damage on resources, large financial losses or cause a serious or catastrophic harm to individuals resulting in death or serious life threatening injuries. 10
  • 11. SECURITY CATEGORY EXPRESSION FORM SAFETY CATEGORY(TYPEOFINFORMATION) = {[(COFIDENTIALITY, INFLUENCE,); (INTEGRITY, INFLUENCE); (AVAILABILITY, INFLUENCE)} 11
  • 12. A METHOD OF CATEGORIZING • The methodology used to identify the type of information is as follows: • Identifying core business areas and tasks which supports IS considered; • Identifying the internal and / or external operations for each business area and the assigned task, area or business flows and description of IS in functional terms; • Identifying sub function necessary for the performance of each business areas or activities; • Identifying the main types of information with the identified sub-functions where necessary. 12
  • 13. 13 1 2 3 5 IDENTIFY THE TYPE OF INFORMATION CHOOSE THE TEMPORARY LEVE IMPACT INFORMATION CRITICAL EVELUATION ALLOCATED TO LEVEL OF INFLUENCE INFORMATION HARMONIZE LEVEL IMPACT OF INFORMATION ASSIGN SECURITY CATEGORY OF INFORMATION RECOMMENDATION FOR LEVEL IMPACT OF THE INFORMATION SYSTEM 4 RECOMENDATION FOR LEVEL IMPACT COMMON TYPE OF INFORMATION RECOMENDATION FOR LEVEL ON INFLUENCE OF SPECIFIC TYPE OF INFORMATION ASSIGN SAFETY LEVEL INFORMATION SYSTEM
  • 14. IMPLEMENTATION OF CLASSIFICATION • For the classification of confidential information in each educational institution it is necessary to establish a special expert working group to identify confidential information, ways of storing, transmitting, copying and destroying them. 14
  • 15. MANAGEMENT • Operating results of educational institutions consist of common and specific types of information. 15
  • 16. Management Information and technology management Information resource management Development system Human Resource Management Life Cycle / Change Management Human Resource Management IT security Manage earnings / expense reimbursements Information management information Training and development resources Financial management Manage confidentiality checks Accounting Employment Finances Administration Management Collections and receivables Facility Management / Time / Equipment Asset and Liability Management Ancillary services of the institution Reporting and information Security Supply Chain Management Management Procurement of goods Workplace Management and Development Policy Inventory control Maintenance system Procurement service Logistics management 16 THE BUSINESS MODEL OF EDUCATIONAL INSTITUTIONS
  • 17. OTHER FACTORS When the educational institution determines the level of influence and categorize safety by applying the above criteria, considering the effects on safety for each type of information, analyzing the aforementioned conditions in the table below: • Factors confidentiality common information • Factors integrity common information: • Factors availability of common information 17
  • 18. CATEGORIZATION OF INFORMATION IN EDUCATION FIELD. SECURITY OBJECTIVES LOW MODERATE HIGH Confidentiality Keeping the authorized limit access to information and discovery, including the means for personal privacy and ownership information. Unauthorized disclosure of information may have limited negative impact on business operations, assets, or individuals. Unauthorized disclosure of information may have a serious negative impact on business operations, assets, or individuals. Unauthorized disclosure could have serious or catastrophic bad impact on business operations, assets, or individuals. Integrity Storing information from unauthorized modification or destruction, and includes ensuring non-repudiation and authenticity of information. Unauthorized modification or destruction of information can have a limited negative impact on business operations, assets, or individuals. Unauthorized modification or destruction of information can have a serious negative impact on business operations, assets, or individuals. Unauthorized modification or destruction of information can have a severe or catastrophic adverse effect on business operations, assets, or individuals. Availability The provision of timely and reliable access to and use of information. Obstruction of access to information system or the use of data or may have a limited negative impact on business operations, assets, or individuals. Obstruction of access to information system or use of data can have a serious negative impact on business operations, assets, or individuals. Obstruction of access to information system or use of data can have serious negative or disastrous bad impact on business operations, assets, or individuals. 18
  • 19. RECOMMENDED SECURITY LEVEL INFORMATION Security categorization support the transfer of inf. Confidentiality Integrity Availability Public affairs Relations with local government / Ministry Moderate Moderate Low Jobs educational institutions Execution of the function of education Low Low Low Human Resources Management Strategy and Human resource management Low Low Low Internal risk management services Recovery costs of information system Moderate Low Low Information and management system System development Low Moderate Low IT System maintenance Moderate Moderate Niska Maintenance of infrastructure IS Niska Moderate Moderate 19
  • 20. WHICH WAY TO GO • Creating a catalog of information • Determining the degree of granulation information 20
  • 21. BUSINESS AREAS MINISTRY OF EDUCATUON REPUBLIC OF SERBIA • Information in the primary, secondary and vocational education, • Information in higher education • Other types of information in education, • Information regarding counseling and types of consulting information, • Information related to permits and licenses, • Information related to the implementation and respect of legislation regarding inspection and audit, • Information about the security of certain kinds of information, • Information related to the information system and monitoring networks • Information exchange type of information, • Information of general-purpose and statistical information 21
  • 22. CONCLUSION • Disorganized system of protection of information is reflected in security. • The awareness of employees about the importance of compliance with data protection regulations still not at a satisfactory level. • Adopting regulations, directives and other regulations governing protection of information and practical application in dealing with classified information and continuous training of employees in the areas of information security. • Join the categorization of information by defining security objectives. • Access and categorization of is that create, preserve, process and transmit such information. • Security categorization does not require the investment 22