Personal computer in the Inventory of assets
Assign topic to the user
Basically this is not recommendable, because there can be a risk which the organization cannot control (who updates the software?, who buys the anti-virus?, who makes the backups?).
To mitigate such risks (for the equipment that are not included in your scope, i.e. not in your asset inventory), you should develop a policy for the use of personal equipment of the personnel, it is known usually as BYOD (Bring Your Own Device).
You can use this template for the development of this policy Bring Your Own Device (BYOD) Policy: https://advisera.com/27001academy/documentation/bring-your-own-device-byod-policy/
Comment as guest or Sign in
Jan 12, 2016