DCH — Data Classification & Handling
85 controls in the Data Classification & Handling domain
DCH-01Data Protection
DCH-01.1Data Stewardship
DCH-01.2Sensitive / Regulated Data Protection
DCH-01.3Sensitive / Regulated Media Records
DCH-01.4Defining Access Authorizations for Sensitive / Regulated Data
DCH-02Data & Asset Classification
DCH-02.1Highest Classification Level
DCH-03Media Access
DCH-03.1Disclosure of Information
DCH-03.2Masking Displayed Data
DCH-03.3Controlled Release
DCH-04Media Marking
DCH-04.1Automated Marking
DCH-05Cybersecurity & Data Protection Attributes
DCH-05.1Dynamic Attribute Association
DCH-05.2Attribute Value Changes By Authorized Individuals
DCH-05.3Maintenance of Attribute Associations By System
DCH-05.4Association of Attributes By Authorized Individuals
DCH-05.5Attribute Displays for Output Devices
DCH-05.6Data Subject Attribute Associations
DCH-05.7Consistent Attribute Interpretation
DCH-05.8Identity Association Techniques & Technologies
DCH-05.9Attribute Reassignment
DCH-05.10Attribute Configuration By Authorized Individuals
DCH-05.11Audit Changes
DCH-06Media Storage
DCH-06.1Physically Secure All Media
DCH-06.2Sensitive Data Inventories
DCH-06.3Periodic Scans for Sensitive / Regulated Data
DCH-06.4Making Sensitive Data Unreadable In Storage
DCH-06.5Storing Authentication Data
DCH-07Media Transportation
DCH-07.1Custodians
DCH-07.2Encrypting Data In Storage Media
DCH-08Physical Media Disposal
DCH-09System Media Sanitization
DCH-09.1System Media Sanitization Documentation
DCH-09.2Equipment Testing
DCH-09.3Sanitization of Personal Data (PD)
DCH-09.4First Time Use Sanitization
DCH-09.5Dual Authorization for Sensitive Data Destruction
DCH-10Media Use
DCH-10.1Limitations on Use
DCH-10.2Prohibit Use Without Owner
DCH-11Data Reclassification
DCH-12Removable Media Security
DCH-13Use of External Technology Assets, Applications and/or Services (TAAS)
DCH-13.1Limits of Authorized Use
DCH-13.2Portable Storage Devices
DCH-13.3Protecting Sensitive / Regulated Data on External Technology Assets, Applications and/or Services (TAAS)
DCH-13.4Non-Organizationally Owned Technology Assets, Applications and/or Services (TAAS)
DCH-14Information Sharing
DCH-14.1Information Search & Retrieval
DCH-14.2Transfer Authorizations
DCH-14.3Data Access Mapping
DCH-15Publicly Accessible Content
DCH-16Data Mining Protection
DCH-17Ad-Hoc Transfers
DCH-18Media & Data Retention
DCH-18.1Minimize Sensitive / Regulated Data
DCH-18.2Limit Sensitive / Regulated Data In Testing, Training & Research
DCH-18.3Temporary Files Containing Personal Data (PD)
DCH-19Geographic Location of Data
DCH-20Archived Data Sets
DCH-21Information Disposal
DCH-22Data Quality Operations
DCH-22.1Updating & Correcting Personal Data (PD)
DCH-22.2Data Tags
DCH-22.3Primary Source Personal Data (PD) Collection
DCH-23De-Identification (Anonymization)
DCH-23.1De-Identify Dataset Upon Collection
DCH-23.2Archiving
DCH-23.3Release
DCH-23.4Removal, Masking, Encryption, Hashing or Replacement of Direct Identifiers
DCH-23.5Statistical Disclosure Control
DCH-23.6Differential Data Privacy
DCH-23.7Automated De-Identification of Sensitive Data
DCH-23.8Motivated Intruder
DCH-23.9Code Names
DCH-24Information Location
DCH-24.1Automated Tools to Support Information Location
DCH-25Transfer of Sensitive and/or Regulated Data
DCH-25.1Transfer Activity Limits
DCH-26Data Localization
DCH-27Data Rights Management (DRM)