We're creating a single website for everything to do with BIS but, while we do that, you'll find information in three places. > Find what you're looking for
The Information Security Standard ISO/IEC 27002 is divided into eleven main sections. Section 3 is Asset Management.
Organisations are used to completing inventories of physical assets - for example, computers, printers, machinery, vehicles etc. But information is also recognised as a vital asset for every organisation. The value of specific information will depend on factors such as:
An Information Asset Register (IAR) should be created, detailing every information asset within the organisation. For example:
The Information Asset Register (IAR) should also describe:
The value of each asset can then be determined to ensure appropriate security is in place.
Use links below for further information:
ISO/IEC 27002 Section 1
ISO/IEC 27002 Section 2
ISO/IEC 27002 Section 4
ISO/IEC 27002 Section 5
ISO/IEC 27002 Section 6
ISO/IEC 27002 Section 7
ISO/IEC 27002 Section 8
ISO/IEC 27002 Section 9
ISO/IEC 27002 Section 10
ISO/IEC 27002 Section 11
ISO/IEC 27002 Explained
If you would like more background information about information security standards follow this link.