BS ISO/IEC 19770-1:2017

$189.07

Information technology. IT asset management – IT asset management systems. Requirements

Published By	Publication Date	Number of Pages
BSI	2017	48

Guaranteed Safe Checkout

Category: BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

1.1 Purpose

This document specifies requirements for an IT asset management system within the context of the organization.

This document can be applied to all types of IT assets and by all types and sizes of organizations.

NOTE 1 This document is intended to be used for managing IT assets in particular, but it can also be applied to other asset types. It can be suitable, in whole or in part, for managing embedded software and firmware, however its use for these purposes has not been determined. It is not intended for managing information assets per se, i.e. it is not intended for managing information as an asset independent of hardware and software assets. Certain types of data and information are covered, such as data and information about IT assets in scope, and depending on how the scope is defined, it can cover digital information content assets. See the Introduction for an explanation about IT assets.

NOTE 2 This document does not specify financial, accounting, or technical requirements for managing specific IT asset types.

NOTE 3 For the purposes of this document, the term “IT asset management system” is used to refer to a management system for IT asset management.

This document is a discipline-specific extension of ISO 55001:2014, with changes, and is not a sector-specific application of that International Standard. ISO 55001:2014 is intended to be used for managing physical assets in particular, but it can also be applied to other asset types. This document specifies requirements for the management of IT assets which are additional to those specified in ISO 55001:2014. Conformance to this document does not imply conformance to ISO 55001:2014.

This document can be used by internal and external parties to assess the organization’s ability to meet the organization’s own IT asset management requirements.

1.2 Field of application

This document applies to IT asset management processes and can be implemented by organizations to achieve immediate benefits.

This document can be applied to all IT assets. For example, it can be applied to not only IT hardware but also to executable software (such as application programs and operating systems) and non-executable software (such as fonts and configuration information). It can be applied to all technological environments and computing platforms (e.g. virtualized software applications, on-premises or software-as-a-service; it is equally relevant in cloud computing as it is in legacy computing environments).

1.3 Limitations

This document does not detail the IT asset management processes in terms of methods or procedures required to meet the requirements for outcomes of a process.

This document does not specify the sequence of steps an organization should follow to implement IT asset management.

This document does not detail documentation in terms of name, format, explicit content and recording media.

PDF Catalog

PDF Pages	PDF Title
2	National foreword
7	Foreword
8	Introduction
11	1 Scope 1.1 Purpose 1.2 Field of application 1.3 Limitations
12	2 Normative references 3 Terms and definitions
22	4 Context of the organization 4.1 Understanding the organization and its context 4.2 Understanding the needs and expectations of stakeholders
23	4.3 Determining the scope of the IT asset management system 4.4 IT asset management system 5 Leadership 5.1 Leadership and commitment
24	5.2 Policy 5.3 Organizational roles, responsibilities and authorities
25	6 Planning 6.1 Actions to address risks and opportunities for the IT asset management system 6.1.1 General 6.1.2 IT asset risk assessment
26	6.1.3 IT asset risk treatment 6.2 IT asset management objectives and planning to achieve them 6.2.1 IT asset management operation process specification
27	6.2.2 IT asset management objectives for operation processes 6.2.3 Overall IT asset management objectives 6.2.4 Planning to achieve IT asset management objectives
28	7 Support 7.1 Resources 7.2 Competence
29	7.3 Awareness 7.4 Communication 7.5 Information requirements
30	7.6 Documented information 7.6.1 General 7.6.2 Traceability of ownership and responsibility
31	7.6.3 Audit trails of authorizations and execution of authorizations 7.6.4 Creating and updating 7.6.5 Control of documented information
32	8 Operation 8.1 Operational planning and control 8.2 Management of change 8.3 Core data management 8.4 License management
33	8.5 Security management 8.6 Other processes 8.7 Outsourcing and services
34	8.8 Mixed responsibilities between the organization and its personnel 9 Performance evaluation 9.1 Monitoring, measurement, analysis and evaluation
35	9.2 Internal audit 9.3 Management review
36	10 Improvement 10.1 Nonconformity and corrective action 10.2 Preventive action 10.3 Continual improvement
37	Annex A (normative) IT asset management operation processes and objectives
41	Annex B (informative) IT asset management tiers
43	Annex C (informative) Characteristics of IT Assets
45	Annex D (informative) Changes from ISO 55001
47	Bibliography

Additional information

Status	Withdrawn
Title	Information technology. IT asset management – IT asset management systems. Requirements
Replaces	BS ISO/IEC 19770-1:2012
Publisher	BSI
Committee	IST/15
Pages	48
Publication Date	2017-12-19
Withdrawn Date	2024-03-13
ISBN	978 0 580 90696 1
Standard Number	BS ISO/IEC 19770-1:2017
Identical National Standard Of	ISO/IEC 19770-1:2017
Descriptors	Computer programs, Enterprises, Data media, Consumer-supplier relations, Risk assessment, Data processing, Management, Security, Conformity, Computer software
ICS Codes	35.080 - Software

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS ISO/IEC 19770-1:2017

PDF Catalog

Related products