It is important that you are periodically auditing and logging critical IT assets for the purpose of minimizing security, conduct and financial risks. Below I have noted the most important assets that should be properly logged and have auditable documentation.
IT ASSET MANAGEMENT CHECKLIST:
- Hardware and Software
- computer user, UPC, location, model number, et cetera
- Network and communications infrastructure, servers and apps
- Alarm systems
- Telephone circuits
- Vendors and Service Providers
- Purchase and disposal info
- Computer and Laptop software upgrades
- List of all apps in laptops or computers for each employee including authorization and security information.
- Cloud Data backup hardware (e.g.; external USB drive)
By using this checklist the next time you conduct an IT Asset audit you’ll be able to identify vulnerabilities and exploits that were not previously known to you. For example, let’s say your policy states that there should be 10 laptops kept in the supply room at all times but when you conduct an audit you find only 8 and employees have been careless with the laptop request form. The laptops also have not been entered into the tracking system making matters worse as now you have to dig through invoices to identify the two missing laptop model numbers and SKUs.
An IT Asset Policy is not effective if it is not enforced regularly. Employees must be reminded of them everyday and trained periodically.