3.3.3 Asset Management
| No: 381000091275 | Date(g): 24/5/2017 | Date(h): 28/8/1438 | Status: In-Force |
Effective from May 24 2017 - May 23 2017
To view other versions open the versions tab on the right
Principle
The Member Organization should define, approve, implement, communicate and monitor an asset management process, which supports an accurate, up-to-date and unified asset register.
Objective
To support the Member Organization in having an accurate and up-to-date inventory and central insight in the physical / logical location and relevant details of all available information assets, in order to support its processes, such as financial, procurement, IT and cyber security processes.
Control considerations
| 1. | The asset management process should be defined, approved and implemented. | |
| 2. | The effectiveness of the asset management process should be monitored, measured and periodically evaluated. | |
| 3. | The asset management process should include: | |
| a. | a unified register; | |
| b. | ownership and custodianship of information assets; | |
| c. | the reference to relevant other processes, depending on asset management; | |
| d. | information asset classification, labeling and handling; | |
| e. | the discovery of new information assets. | |