The Asset Security domain focuses on collecting,
               handling, and protecting information throughout its lifecycle. A
               primary step in this domain is classifying information based on its
               value to the organization.

               All follow-on actions vary depending on the classification. For
               example, highly classified data requires stringent security controls. In

               contrast, unclassified data uses fewer security controls.