Data and information has an appropriate level of security - Rationale Adequate security of data and information prevents unauthorized use, supports the integrity of XXX and guarantees the continuity of business processes and services. - Implication Complying with the XXX policy on the security of data and information. This consists of a framework for Information Security, a risk-driven approach and a classification system to determine the desired level of security, and sets of measures appropriate to the importance (for XXX and for individuals) of the data and information.