Introduction
This policy is part of the medDigital ISMS and must be fully complied with.
The purpose of this policy is to identify physical and information assets and define appropriate
protection responsibilities where necessary.
Scope
This policy applies to all physical and information assets.
Inventory
A full inventory of information assets exists at M:\Board\Corporate\Information Asset Register.
A full inventory of physical assets is located within the UMS.
Acceptable use of physical assets
All equipment is provided for legitimate business use. Employees and contractors are responsible
for exercising good judgement regarding reasonableness of personal use and should consider the
Operations Security &
Physical Security policies
before doing so and remembering that the installation of any software without IT approval is prohibited.
Responsibilities
Paul Gardner is responsible for maintaining the inventory of information assets.
Line managers are responsible for logging the movement of physical assets within the UMS,
ensuring the return of physical assets to the line manager upon the termination of any employment or contractual arrangement, and
the transfer of those physical assets to IT for disposal when no longer required.
Individuals are responsible for taking good care of physical assets assigned to them and to
report the theft or loss of any physical asset to IT Security as soon
as it becomes apparent.
Individuals are responsible for reporting damaged/faulty assets to IT and, where the equipment is under
warranty, to engage with the vendor as required to repair the asset.
Paul Gardner is responsible for the secure disposal of physical and information assets.