
There are a few ways to help users, administrators, and data owners readily determine the classification of a particular dataset. If you are uncertain how to classify the data stored on or manipulated by your systems, refer to the following two aids: a process flow chart and, below it, a matrix.

Data Types version 1

 

The matrix shows the three criteria that are used to define the data category for a given system or set of data. The criteria are Confidentiality, Integrity, and Availability, defined as follows:

Confidentiality refers to the privacy of an information asset. Specifically, confidentiality defines which people, under what conditions, are authorized to access an information asset.
Integrity relates to the trustworthiness of data. There are two primary properties to consider when evaluating it. The first is the notion that an asset should be trusted: there is an expectation that authorized users will only modify an asset in appropriate ways. The second is recoverability: when data is damaged or incorrectly altered, by authorized or unauthorized users, you must consider how important it is that the data be restored to a trustworthy state with minimum loss.
Availability describes the importance of information access by an authorized person, entity, service, or device when it is needed, and the impact on the institution if it is not available. As a general rule, the more time-critical data is, the higher its availability ranking will be.

 

These criteria should be used to determine which data classification is appropriate. A positive response to the highest level in ANY row is sufficient to place the data into that respective classification. Use this chart to select the appropriate classification level for each of the following categories of confidentiality, integrity, and availability.

Data Classification Weighting

| | LEVEL I: Low Sensitivity | LEVEL II: Moderate Sensitivity | LEVEL III: High Sensitivity |
|---|---|---|---|
| Need for Confidentiality | Low; Optional; Public | Medium; Recommended; Non-Public or Internal | High; Required; Confidential/Restricted |
| | AND/OR | AND/OR | AND/OR |
| Need for Integrity | Low Risk; Optional; Easily Reproducible | Medium Risk; Recommended; Internally Trusted | High Risk; Required; Official or Highly Trusted Data |
| | AND/OR | AND/OR | AND/OR |
| Need for Availability | Low Impact; Optional; Informational or Non-Critical | Medium Impact; Recommended; Normal Services | High Impact; Required; Critical or Campus-wide service |

Examples

This section illustrates how to classify some familiar data using the Confidentiality, Integrity, Availability (CIA) criteria.

Caveat: It should be noted that the ratings listed in the examples below are all based on the individual information asset. While it is important to identify and rate an asset on an individual basis, it is equally important to look at the other information assets that may be affected by a loss in confidentiality, integrity, or availability in the asset being rated.

 

Online Library Catalog: LEVEL II Data (Moderate Sensitivity)

The online library catalog has an optional (low) need for confidentiality since the catalog is public and we want students, faculty, staff and visitors to be able to use the library resources. The need for integrity is recommended (medium risk) because we do not want the catalog to be changed, whether by accident or maliciously.  The need for availability is recommended (medium impact) because there is no paper alternative and the University of Iowa probably wouldn’t experience a long-term loss of reputation and a long-term loss of research funding if the library catalog is unavailable for a short period of time.

Summary data classification of online library catalog:

Need for Confidentiality is optional (low)
Need for Integrity is recommended (medium risk)
Need for Availability is recommended (medium impact)

Since at least one of the CIA conditions is recommended, in this case both Integrity and Availability, the online library catalog is classified as LEVEL II data and should be protected appropriately.

 

Faculty Grade Books: LEVEL II Data (Moderate Sensitivity)

The grade books that faculty maintain, containing student IDs and grades, have a recommended (medium) need for confidentiality, since only the official records (transcripts) are highly sensitive. The need for integrity is recommended (medium risk) because we do not want the grades to be changed, whether by accident or maliciously. The need for availability is recommended (medium impact) because there is no paper alternative and the University of Iowa probably wouldn’t experience a long-term loss of reputation and a long-term loss of research funding if an individual faculty member's grade book is unavailable for a short period of time.

Summary data classification of faculty student grades (grade books):

Need for Confidentiality is recommended (medium)
Need for Integrity is recommended (medium risk)
Need for Availability is recommended (medium impact)

Since at least one of the CIA conditions is recommended, in this case Confidentiality, Integrity and Availability, faculty grade books are classified as LEVEL II data and should be protected appropriately.

 

Student Records: LEVEL III Data (High Sensitivity)

Student records maintained by faculty that document disciplinary issues, or records containing social security numbers, have a required (high) need for confidentiality since this information must never be publicly exposed due to federal laws like FERPA. The need for integrity is recommended (medium risk) because we do not want these records to be changed, whether by accident or maliciously. The need for availability is recommended (medium impact) because there is likely no paper alternative and the University of Iowa probably wouldn’t experience a long-term loss of reputation and a long-term loss of research funding if an individual faculty member's student records were unavailable for a short period of time.

Summary data classification of student records:

Need for Confidentiality is required (high)
Need for Integrity is recommended (medium risk)
Need for Availability is recommended (medium impact)

Since at least one of the CIA conditions is required, in this case Confidentiality, student records are classified as LEVEL III data and should be protected appropriately.

 

Research Data: LEVEL III Data (High Sensitivity)

Sensitive research data is required to be confidential (high) due to various factors, including human subject data, intellectual property rights, large grant funding, etc. Integrity of the research is required (high risk) because the data must be accurate and free from errors. Availability is recommended (medium impact), because the University of Iowa is not necessarily in any danger or in violation of any law if the data is unavailable for a period of time.

Summary of sensitive research data:

Need for Confidentiality is required (high)
Need for Integrity is required (high risk)
Need for Availability is recommended (medium impact)

Since at least one of the CIA conditions is required (high), in this case both Confidentiality and Integrity, research data is classified as LEVEL III data and should be protected appropriately.

 

Professor's Blog: LEVEL I Data (Low Sensitivity)

A blog is by its very nature designed to be shared with the world. The confidentiality requirement is therefore optional (low). If the contents of the blog are changed, there would be little to no impact on the ability of the department or the university to carry out their missions. The need for integrity is therefore optional (low risk). The need for availability is also optional (low impact) because, should the blog be taken offline for a period of time, the main people affected would be the readers of the blog. The department and university should be able to carry on business as usual while the blog is restored or recreated.

Summary of a professor's blog hosted on a departmental server:

Need for Confidentiality is optional (low)
Need for Integrity is optional (low risk)
Need for Availability is optional (low impact)

Since all of the CIA conditions are optional (low), a professor's blog hosted on a departmental server is classified as LEVEL I data and should be protected appropriately.
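The rule applied in the examples above (the highest level in ANY row sets the classification) can be run over an asset inventory. The following is an added example, not part of the original guidelines; the function and field names are assumptions, and the ratings are copied from the five summaries above.

```python
# Added example: the "highest level in ANY row" rule from the weighting chart.
from typing import NamedTuple

# Vocabulary from the chart: each need is optional, recommended or required.
NEED_TO_LEVEL = {"optional": 1, "recommended": 2, "required": 3}
LEVEL_NAME = {1: "LEVEL I (Low Sensitivity)",
              2: "LEVEL II (Moderate Sensitivity)",
              3: "LEVEL III (High Sensitivity)"}
CRITERIA = ("confidentiality", "integrity", "availability")


class Classification(NamedTuple):
    level: int      # 1, 2 or 3
    label: str      # chart wording for the level
    drivers: tuple  # criteria rated at that highest level


def classify(confidentiality: str, integrity: str, availability: str) -> Classification:
    """Return the level set by the highest-rated criterion and name which criteria set it."""
    needs = dict(zip(CRITERIA, (confidentiality, integrity, availability)))
    scores = {}
    for criterion, need in needs.items():
        key = need.strip().lower()
        if key not in NEED_TO_LEVEL:
            # An unrated criterion must not silently default to "optional".
            raise ValueError(f"{criterion}: unknown need {need!r}")
        scores[criterion] = NEED_TO_LEVEL[key]
    level = max(scores.values())
    drivers = tuple(c for c in CRITERIA if scores[c] == level)
    return Classification(level, LEVEL_NAME[level], drivers)


# The five assets rated in the examples above (ratings copied from the summaries).
PAGE_EXAMPLES = {
    "online library catalog": ("optional", "recommended", "recommended"),
    "faculty grade books":    ("recommended", "recommended", "recommended"),
    "student records":        ("required", "recommended", "recommended"),
    "research data":          ("required", "required", "recommended"),
    "professor's blog":       ("optional", "optional", "optional"),
}

if __name__ == "__main__":
    for asset, ratings in PAGE_EXAMPLES.items():
        result = classify(*ratings)
        print(f"{asset}: {result.label}, set by {', '.join(result.drivers)}")
```

The `drivers` field records which criteria forced the level, which is the detail each "Since at least one of the CIA conditions is ..." sentence above states in prose.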

The confidentiality, integrity, and availability ratings are useful to help determine and assess the risk of your information assets. They help create a better understanding of which assets are the most critical, and they allow you to prioritize and develop effective actions to protect the assets most at risk. Remember, some institutional data, particularly LEVEL III (High Sensitivity/Restricted) data, must be protected according to specific criteria outlined in the University’s Institutional Data Access Policy.