Page 45 - Ipsos
P. 45
Information Classification: Internal Use
Ipsos Book of Policies & Procedures
This policy specifies control guidelines in the following areas:
- Information classification
- Information labeling
- Information usage
- Information retention
- Information destruction
- E-Mail data and E-mail account retention
2.4 Applicability
This policy is applicable to all business units and companies of Ipsos worldwide, including wholly
owned subsidiaries and joint ventures in which Ipsos has a controlling interest or management
responsibility.
It applies to all Ipsos employees, contractors and vendors
3.0 Responsibilities
3.1 Communication and Maintenance Responsibilities
Responsibility Person responsible
Maintaining the policy Global CIO, Global Information Security Director and General
Counsel
Implementation of the policy at the country level Country Manager and BU Managers
Communication of the policy within the BU IT Services directors
Organising appropriate training in order to comply with the policy IT Services directors with HR support
Global Information Security Director and Internal Audit
Monitoring compliance with the policy
3.2 Assets owners responsibility
Each Asset (Information) Owner in the Group is responsible of the following tasks and controls
in compliance with the guidelines set out in this policy:
- Classifying the information and determining its sensitivity;
Page 5 of 22
