Server's decommissioning
Is there any standard regulation to treatment from Server's decommissioning? I'm structuring the project scope and collecting data information regarding the regulations and information requirements that need to be observed before the definitive information discard. The project will be developing the new process to right server's decommissioning standard to be applied to all types of servers.
Assign topic to the user
ISO 27001 does not prescribe how to proceed with the server decommissioning, but you can consult the NIST Cybersecurity Framework for guidance:
- PR.DS-3: Assets are formally managed throughout removal, transfers, and disposition https://csf.tools/reference/nist-cybersecurity-framework/v1-1/pr/pr-ds/pr-ds-3/
Please note that NIST standards are not mandatory for ISO 27001 implementation or certification.
Comment as guest or Sign in
Nov 14, 2022