-
Notifications
You must be signed in to change notification settings - Fork 0
Asset management policy
To identify organizational assets and define appropriate protection responsibilities. To ensure that information receives an appropriate level of protection in accordance with its importance to the organization. To prevent unauthorized disclosure, modification, removal, or destruction of information stored on media.
This policy applies to all Nevercode owned or managed information systems.
Assets associated with information and information processing facilities that store, process, or transmit classified information shall be identified and an inventory of these assets shall be created and maintained.
Assets maintained in the inventory shall be owned by a specific individual or group within Nevercode LTD.
Rules for the acceptable use of information, assets, and information processing facilities shall be identified and documented in the *Acceptable Use Policy.
All Nevercode LTD personnel must immediately report the loss of any information systems, including portable or laptop computers, smartphones, PDAs, authentication tokens (keyfobs, one-time-password generators, or personally owned smartphones or devices with a Nevercode LTD software authentication token installed) or other devices that can store and process or help grant access to Nevercode LTD data.
All personnel and third-party users of Nevercode LTD equipment shall return all organization assets in their possession upon termination of their employment, contract, or agreement.
Handling of Assets is governed by the Acceptable Use policy
Company devices and media that stored or processed confidential data shall be securely disposed of when no longer needed.
Any physical assets owned by customers shall be promptly returned to the customer following service termination in accordance with the terms of contract or service agreement.
Requests for an exception to this policy must be submitted to the CTO for approval.
Any known violations of this policy should be reported to the CTO. Violations of this policy may result in immediate withdrawal or suspension of system and network privileges and/or disciplinary action, in accordance with company procedures, up to and including termination of employment.