Sample Asset Management Policy:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 17:40, 14 January 2014 by Mdpeters (talk | contribs) (→‎Document Examples)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Sample Asset Management Standard

The Asset Management Standard defines Company objectives for establishing specific standards for the management of the networks, systems, and applications that store, process and transmit Company information assets. Company information assets are defined in the Sample Asset Identification and Classification Standard.

Objectives

The Company systems, including hardware and software, must be managed in accordance with the information asset protection objectives established in the Asset Protection Standard throughout the life cycle from acquisition to disposal. Specific instructions and requirements for life cycle management of Company hardware and software are provided in the System Development Life Cycle Standard.

The Company will establish and maintain Asset Protection Standards in accordance with the information asset protection objectives established in the Asset Protection Standard for each system represented in the Company production environment. Specific instructions and requirements for configuration management are provided in the Configuration Management Standard.

All systems, networks, and applications used in the Company production environment and in virtual premises, such as hosting sites, must follow the documented change control process and procedures to ensure that only authorized updates or changes are made. Specific instructions and requirements for change control are provided in the Change Control Certification Process Manual Standard.

All production systems and applications developed by the Company or on behalf of the Company must adhere to the documented process of analyzing, designing, developing, testing, and enhancing systems to ensure the integration of appropriate security controls. Specific instructions and requirements for systems development are provided in the System Development Life Cycle Standard.

Document Examples

Use these samples as a guide for your policy development. Fully customizable versions are available from The Policy Machine.

  • Asset Management Standard page one of six.

    Asset Management Standard page one of six.

  • Asset Management Standard page two of six.

    Asset Management Standard page two of six.

  • Asset Management Standard page three of six.

    Asset Management Standard page three of six.

  • Asset Management Standard page four of six.

    Asset Management Standard page four of six.

  • Asset Management Standard page five of six.

    Asset Management Standard page five of six.

  • Asset Management Standard page six of six.

    Asset Management Standard page six of six.

Retrieved from "http://horseproject.wiki/index.php?title=Sample_Asset_Management_Policy:&oldid=9893"