Asset identification and classification policy
This is a policy of ensuring that assets are clearly identified and appropriately classified.
Standards: Asset identification and classification standards of the respective State
Procedures: all information system assets should be appropriately identified and classified as part of an organization’s Information Technology Risk Management Process.
Asset protection policy
This refers to a policy aimed at protecting the assets from unauthorized users. Protection in this case is based on accuracy, confidentiality, and security.
Standard: Asset protection standard applied in the State
Procedures: implementation of anti-virus software, setting beck-up files, Implementation of measures to prevent unauthorized access to LAN
Asset management policy