cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tmekelburg1
Community Champion

Re: Types of information systems


@CraginS wrote:

 

Consider, instead, various dimensions for the systems, based on things you must do to support them. For instance:

Classification level (sensitivity) of the stored information, such as privacy, HIPPA, entrprise proprietary, etc.

Access breadth, such as internal users only, shared with contracted associates, and public facing.

Legal storage and archiving requirements.

Infrastructure management such as HVAC, elevators control, network management.

Continuity of Operations requirements for backup, fail over, offsite storage, etc.

... and so on.


You bring up a good point here. Determining the data types and business processes the systems are used in are more important than just classifying by the system type alone. For example, a low, medium, or high impact level designation if CIA are compromised.