Professional Documents
Culture Documents
DOC. 8.1 VERSION 1.0 Policy For Assest Management
DOC. 8.1 VERSION 1.0 Policy For Assest Management
DOCUMENT 8.1
VERSION 1.0
Contact Details
Phone No. :0124-4201824
Website: www.thinktalent.co
3. What is Asset?
An asset is anything that has value to the organization. Assets typically consist of the
following categories, but will differ dependent on the organization:
• Data – In its raw form, the information we want to protect. This includes both
paper-based and digital information. i.e. not only in electronic media (databases,
files in PDF, Word, Excel, and other formats), but also in paper and other form. and
is the core of our whole information security management system. When
developing the inventory of assets, you would not want to go down to database,
file or field level as this would result in a huge inventory.
• Hardware – End user devices, firewalls, switches, routers, servers are all hardware
items that our system would want to protect. Although some of these network
devices do not store data directly, compromise or loss of them would have an
impact on the confidentiality, integrity and availability of our data.
• Software – Should include commercial software products as well as bespoke
applications, and any internally developed applications or source code. It is likely
that the focus will be on the backend database supporting the application, but as
above loss or compromise of the application server may indirectly affect the CIA
(Confidentiality, integrity, and availability) of the asses.
4. IT Asset?
IT asset is the asset that related to the processing of digital information. Types of IT asset include
hardware, software, digital storage media, IT services, etc.
5. Information Asset?
Information asset can be IT asset and non-IT asset. Information assets are knowledge and data that
are of value to the Think Talent Services regardless of form or format.
6. Information Resources
All data and information, as well as the hardware, software, personnel and procedures on collecting,
storing, processing and generating of such data and information. This includes data networks,
servers, PC’s, storage media, printers, photo copiers, fax machines, supporting equipment, and back-
up media.
Medium This asset is important to business operations. Detrimental, legal breach and
damage/embarrassment which could be resulted if the asset is damaged or its
confidentiality, integrity or availability is/are lost.
Low This asset is useful to business operations. The loss of confidentiality, integrity
or availability of the asset will have minimal or little business, legal damage or
embarrassment.
As long as the said assets are outside the organization, they have to be controlled by the person who
was granted permission for their removal.
16.Exception
Any exception to this Policy must be approved by information Security Management System in
advance.