This objective ensures that information and assets are handled in ways that maintain their confidentiality, integrity, and availability according to their classification and value. Handling requirements define how assets should be stored, transmitted, shared, and destroyed to reduce risk and meet compliance obligations.