I have been tasked by my couny government employer to formulate and draft an asset management policy from scrach and i have no idea of where to start.
Kindly send me samples for cities in Africa,Europe and North America etc for comparison and then advice on were to start and the road map, key milestones and any other information you think i might need.
Answer:
I am sorry but we work only with documents that are mandatory for the implementation of the ISO 27001 (and ISO 22301), and it is not mandatory to have an asset management policy. A mandatory document is the inventory of assets, and I think that this article can be interesting for you How to handle Asset register (Asset inventory) according to ISO 27001 : https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/
Also if you want to see the list of mandatory documents, you can see this List of mandatory documents required by ISO 27001 (2013 revision) : https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
Anyway, I think that you can use the first article to write your own asset management policy, identifying requisites and establishing them in your policy. For example: Assets can be Hardware, software, information, etc.
Comment as guest or Sign in
Jan 12, 2016