At AAU, we want to protect our information against accidental access, disclosure and the risk of data being compromised in any way and to ensure compliance with all relevant security regulations, ISO standards and applicable legislation governing, among other things, the protection of personal data.
In order to ensure the confidentiality of our information, a classification model is applied which defines the correct handling of data and the labelling of information, as required. Regardless of the classification level, systems may be in existence for controlling access to information at several levels.
Data owners are responsible for specifying the classification level of their information.
By loss is meant financial loss and/or loss of reputation.
AAU’s data classification model is applicable for all new systems and data. For existing systems and data, the system and data owners are responsible for preparing a plan for improvements based on a documented risk assessment.