ISO 27001 Annex : A.8.1.3 Acceptable Use of Assets & A.8.1.4 Return of Assets


ISO 27001 Annex : A.8.1.3 Acceptable Use of Assets & A.8.1.4 Return of Assets this is a part of assets management previous article was based on same which is continue in this article.
A.8.1.3 Acceptable Use of Assets
Control- Rules should be identified, documented, and implemented for the acceptable use of information and assets linked to information and information processing facilities.
Implementation Guidance- The information security requirements of the organization’s assets along with information and information processing facilities and resources should be made aware to employees and external users who use or have access to the company ‘s assets. They will be responsible for their use and all other usage carried out on their own responsibility, of any information processing services.
A.8.1.4 Return of Assets
Control- Both workers and external stakeholders must return all of the organizational assets in their possession upon termination of their job, contract or agreement
Implementation Guidance- The termination process must be legally concluded with the return of all tangible and electronic assets previously assigned owned or entrusted to the organization.
When an employee or external user buys the equipment of the company or uses his / her own personal equipment, it is important to follow protocols to ensure that all relevant information is transmitted to the company and safely removed from the equipment.
In situations where an employee or external user is aware that this information is necessary for ongoing operations, it should be reported and transmitted to the organization. During the notice period of termination, unauthorized copying of sensitive information ( e.g. intellectual property) by terminated workers and contractors should be monitored by the company.
At Infosavvy we have our trainers as our assets who are skilled and well-trained in various courses in the field of information security and we are also eligible for one of the most important certificates in the area of information security. i.e. IRCA CQI ISO 27001:2013 Lead Auditor (LA) and ISO 27001 Lead Implementer (LI) (TÃœV SÃœD Certification) . Our trainers can empower you to do better asset management by providing you with in-depth information and numerous examples for the same, helping the applicant to improve their skills and do well.
------------------------------------------------------------------------------------------------------------
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com

Comments

Post a Comment

Popular posts from this blog

10 Secrets You Will Never Know About Cyber Security And Its Important

ISO 27001 Annex : A.5 Information Security Policies

Impact Of ISO 27001 Lead Auditor