Expert Advice Community

Home / ISO 27001 & 22301 / Personal computer in the Inventory of assets

Guest

Personal computer in the Inventory of assets

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Personal computer in the Inventory of assets

ISO 27001 & 22301
If an employee using the personal computer in the company, such equipment must be included in the inventory of assets?
0 0

Assign topic to the user

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Guest
DejanK Jan 12, 2016

Basically this is not recommendable, because there can be a risk which the organization cannot control (who updates the software?, who buys the anti-virus?, who makes the backups?).

To mitigate such risks (for the equipment that are not included in your scope, i.e. not in your asset inventory), you should develop a policy for the use of personal equipment of the personnel, it is known usually as “BYOD” (Bring Your Own Device).

You can use this template for the development of this policy “Bring Your Own Device (BYOD) Policy”: https://advisera.com/27001academy/documentation/bring-your-own-device-byod-policy/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest user Created:   Oct 31, 2023 ISO 27001 & 22301
Replies: 1
0 0

Question on risk register and selection of the assets
Guest user Created:   Aug 10, 2023 ISO 27001 & 22301
Replies: 1
0 0

What asset to list when Risks relate to general or high-level assets?
Guest user Created:   Aug 01, 2023 ISO 27001 & 22301
Replies: 2
0 0

Impact column in Asset Inventory