Mechanisms exist to ensure data and assets are categorized in accordance with applicable statutory, regulatory and contractual requirements.
Does the organization ensure data and assets are categorized in accordance with applicable statutory, regulatory and contractual requirements?