Expert Advice Community

Guest

ISO 27001 Implementation- A8 Assets Management

  Quote
Guest
Guest user Created:   Apr 06, 2017 Last commented:   Apr 06, 2017

ISO 27001 Implementation- A8 Assets Management

I want clarity on the above subject matter.
0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 06, 2017

I am documenting the assets inventory template as per the purchased ISO 27001 toolkit.

Under assets category, mostly the INFRASTRUCTURE and OUTSOURCED SERVICES.

1 - In the company, we have workstations, and for each workstation we got different assets like PC, Monitor, keyboard, mouse etc. So my question is while documenting this, should I state the workstation as an asset or should I list all the components mentioned as assets for the document to be ISO 27001 compliant?

Answer: If there is no specific reason to list the individual assets separately you can refer to them as workstation in your inventory. You only have to include in the notes column a comment describing the parts that make up the workstation.

This article will provide you further explanation about assets management implementation:
- How to handle Asset register (Asset inventory) according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/

2 - My other question concerns the outsourced services, in my case the office space and the data centers are leased from 3rd parties. So is the policies and ISO 27001 certificates enough evidence to be used?

Answer: No. Regarding outsourced services you also should include the contracts or agreements you have with them, which should include clauses covering security measures the outsourced services should fulfil.

This article will provide you further explanation about handling suppliers:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 06, 2017

Apr 06, 2017

Suggested Topics