Information Classification Policy

While the OpenTitan project tries to maintain as much information transparency as possible, there are times when sensitive information may need to have restricted access. It is important that those types of information are restricted to the correct audiences and clearly marked as described in this document.

Information classification tiers

Restricted: Only a small set of people who need to know should know and have access. The set of people with access may be specific to the document and managed by a Google Group, or the document may be within a Shared Drive with limited access (for example Technical Committee documents).

Certification Sensitive: Certification sensitive information.

Confidential: Confidential data is available to a limited set of people at the project level. Contributors, the Technical Committee and the Governing Board have access to this information.

Internal: Internal data is non-public information that is fully shared at the project level. All OpenTitan contributors from member organizations have access to this information.

Public: Documents which are available to the public, including all material on this web site.

Marking documents

Documents should be marked in red at the very top of the file with their classification if Restricted, Cert Sensitive or Confidential.

Any Google Document which is stored on a Shared Drive should use the File sensitivity label to indicate the document rating. This can be applied via File > Labels.

Public information is generally not marked or labelled.

Discussing in meetings

Some meetings are understood to include restricted information, such as Technical Committee meetings. In these there is a general expectation that content and minutes will be restricted.

Good practices in managing meeting minutes are below: