Expert Advice Community

Guest

End of life and ISO 27001

  Quote
Guest
Guest user Created:   May 25, 2021 Last commented:   May 25, 2021

End of life and ISO 27001

I hope you are well and you have been having a great week so far. I was wondering could one of your highly experienced consultant answer the following ISO 27001 question. Part of ISO 27001 we need to main an end of life process for equipment’s and maintain a system of managing re-use of the same equipment lets say in the scenario someone leaves the company etc. My question is we are 100% remote based working from several location around the world for example ***, *** and ***. How do devise a plan for such a scenario. Genuinely don’t know how to approach this. Should we pay a third – party company to manage if so how does the different location and lack of physical office structure come into play.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 25, 2021

Using third parties with a physical presence in remote locations to manage corporate equipment is an acceptable solution for ISO 27001. In this situation, you also need to consider signing contracts or service level agreements including information security clauses to increase information protection (specifically how to dispose or re-use equipment).

In case hiring third parties to collect or receive the equipment is not a viable solution, an alternative you can consider is the use of BYOD, where employees use their own devices to work, implementing software that either forbids the storage of corporate information locally in the device (e.g., employees can only access corporate resources through a virtual machine) or that allows a remote full reset of the device.

Normally, these rules are implemented through a BYOD policy, which you can see how it looks like at this link: https://advisera.com/27001academy/documentation/bring-your-own-device-byod-policy/

This article will provide you a further explanation about the supplier relationship:

This article will provide you a further explanation about BYOD policy:

These materials will also help you regarding supplier management and BYOD:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 25, 2021

May 25, 2021