Return of assets control
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Answer:
The return of assets control has the objective to ensure the return of all organizati onal assets in the possession of employees or contractors upon termination of their work relationship. Considering that, you must include in your list all assets of the organization that are in their possession, that can pose an unacceptable risk to information security. Regarding personal assets, it is important to record them so you can know where your information, may be stored. When personnel is leaving the organization you should check if all organizational assets were returned, and if information on personal devices were deleted.
The application of this control may be tricky in organizations where personnel often use their own equipment, due to privacy questions, or the organization has several mobile equipments, so you should consider defining clearly who and in what circumstances of personnel is responsible for assets that can easily be moved out of organization's premises.
These materials can help you regarding use of personal device:
- How to write an easy-to-use BYOD policy compliant with ISO 27001 https://advisera.com/27001academy/blog/2015/09/07/how-to-write-an-easy-to-use-byod-policy-compliant-with-iso-27001/
- Bring Your Own Device (BYOD) Policy https://advisera.com/27001academy/documentation/bring-your-own-device-byod-policy/
Comment as guest or Sign in
Aug 16, 2018