Annex A.8.1.4)


Return of Asset

• All employees and external party users are expected to return any organisational and
information assets upon termination of their employment, contract, or agreement. As such,
it must be an obligation for employees and external users to return all the assets, and these
obligations would be expected in the relevant agreements with staff, contractors, and
others. (ISO 27001 – Annex A.8.1.4)
• The termination process should be formalized to include the return of all previously issued
physical and electronic assets owned by or entrusted to the organization. (ISO 27001 –
Annex A.8.1.4)
• In cases where an employee or external party user has knowledge that is important to
ongoing operations, that information should be documented and transferred to the
organization. (ISO 27001 – Annex A.8.1.4)
• Where assets are not returned according to the process, unless otherwise agreed and
documented as part of the exit process, the non-return should be logged as a security
incident. (ISO 27001 – Annex A.8.1.4)
• In cases where an employee or external party user purchases the organization’s equipment
or uses their own personal equipment, procedures should be followed to ensure that all
relevant information is transferred to the organization and securely erased from the
equipment. (ISO 27001 – Annex A.8.1.4)
• During the notice period of termination, the organization should control the unauthorized
copying of relevant information (e.g. intellectual property) by terminated employees and
contractors. (ISO 27001 – Annex A.8.1.4)
References:

https://www.isms.online/iso-27001/annex-a-8-asset-management/

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf

https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-64r2.pdf
