Asset management is the process of receiving, tagging, documenting, and eventually disposing of equipment. It is critically important to maintain up to date inventory and asset controls to ensure computer equipment locations and dispositions are well known. Lost or stolen equipment often contains sensitive data. Proper asset management procedures and protocols are a key part of any information security program.

This policy provides procedures and protocols supporting effective organizational asset management specifically focused on electronic devices that may be used to store customer data (e.g. key assets that impact information security).


Applies to all staff.

General Policy

Procedures governing asset management shall be established for secure disposal or re-purposing of equipment and resources prior to assignment, transfer, transport, or surplus. When disposing of any asset, sensitive data must be removed prior to disposal. IT support staff shall determine what type of data destruction protocol should be used for erasure. Minimally, data shall be removed using low level formatting.

The IT ticketing system shall be used to track activities associated disposal and re-purposing of equipment. For example, ticket shall be logged to track assignment of new assets (including hardening) and sanitization of assets prior to re-purposing or disposal. Tracking tickets shall be retained for a minimum of 4 years.

Return of Company Assets

Within 2 days of termination of employment, or business relationship with OfficeWork Software or for any reason (or at any time prior to OfficeWork Software's request), the employee shall return all assets belonging to the Company or its affiliates (including, but not limited to, any company-provided laptops, computers, cellphones, or any other equipment, and property belonging to OfficeWork Software).

Asset tracking includes:

  • Date of purchase
  • Make and model
  • Serial Number
  • Location
  • Type of asset
  • Owner
  • Disposition


IT staff shall perform a semi-annual audit on key assets.


Staff members found in policy violation may be subject to disciplinary action, up to and including termination.

Related Policies