Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Assets and media shall be disposed of safely.
Guidance
- When eliminating tangible assets like business computers/laptops, servers, hard drive(s) and other
storage media (USB drives, paper…), ensure that all sensitive business or personal data are securely
deleted (i.e. electronically “wiped”) before they are removed and then physically destroyed (or recommissioned). This is also known as “sanitization” and thus related to the requirement and guidance in PR.IP-6.
- Consider installing a remote-wiping application on company laptops, tablets, cell phones, and other
mobile devices.
The organization shall enforce accountability for all its business-critical assets throughout
the system lifecycle, including removal, transfers, and disposition.
Guidance
Accountability should include:
- The authorization for business-critical assets to enter and exit the facility.
- Monitoring and maintaining documentation related to the movements of business-critical assets.
The organization shall ensure that disposal actions are approved, tracked, documented, and verified.
Guidance
Disposal actions include media sanitization actions (See PR.IP-6).
The organization shall ensure that the necessary measures are taken to deal with loss, misuse, damage, or theft of assets.
Guidance
This can be done by policies, processes & procedures (reporting), technical & organizational means
(encryption, Access Control (AC), Mobile Device Management (MDM), monitoring, secure wipe, awareness, signed user agreement, guidelines & manuals, backups, inventory update …).
Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Assets and media shall be disposed of safely.
Guidance
- When eliminating tangible assets like business computers/laptops, servers, hard drive(s) and other
storage media (USB drives, paper…), ensure that all sensitive business or personal data are securely
deleted (i.e. electronically “wiped”) before they are removed and then physically destroyed (or recommissioned). This is also known as “sanitization” and thus related to the requirement and guidance in PR.IP-6.
- Consider installing a remote-wiping application on company laptops, tablets, cell phones, and other
mobile devices.
The organization shall enforce accountability for all its business-critical assets throughout
the system lifecycle, including removal, transfers, and disposition.
Guidance
Accountability should include:
- The authorization for business-critical assets to enter and exit the facility.
- Monitoring and maintaining documentation related to the movements of business-critical assets.
The organization shall ensure that disposal actions are approved, tracked, documented, and verified.
Guidance
Disposal actions include media sanitization actions (See PR.IP-6).
The organization shall ensure that the necessary measures are taken to deal with loss, misuse, damage, or theft of assets.
Guidance
This can be done by policies, processes & procedures (reporting), technical & organizational means
(encryption, Access Control (AC), Mobile Device Management (MDM), monitoring, secure wipe, awareness, signed user agreement, guidelines & manuals, backups, inventory update …).
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
