Assess the level of protection
When assessing the level of protection for data and information managed in a research project, consider the consequences for individuals, your own organisation and external parties if the information were to be disclosed, corrupted or not available.
The level of protection is determined based on three main aspects: confidentiality (C), integrity (I) and availability (A). Together, these form a CIA value that determines how the information should be protected. The protection value is given in the range 1–4.
Once you know the protection value of the information processing, you can start planning information and data management in the project and adapt the protection. In connection with this, you can also conduct a risk and vulnerability analysis.
Always match the level of protection for data and information in your project with the level of protection various IT solutions can offer before you manage data in an IT system.
Download templates and read more about information classification on Aktum (UMU ID required)
Does your department have a general information classification?
If your department has already conducted a general information classification of information security, cybersecurity and data protection within your research field, much of the work has already been done for you.
You can use the simplified information classification process in your research project based on the general information classification and by following the security measures the department found suitable and proportional in their risk assessment. This could be technical solutions and routines for protecting research data and minimise risks in your project.
Ask the head of your department if they have a "General information classification with security measures" for your research field.
Training and courses in risk and vulnerability analysis
You can participate in a workshop where you learn to conduct information classification and risk and vulnerability analyses.
Find upcoming courses in EduAdmin
Do you have questions about research data?
The University has a cross-functional team that supports you with research data issues in areas such as archiving, legal affairs, IT support, open data, and information security. You can contact the research data support team using the following form:
Contact the research data support team if you have questions