Professional Documents
Culture Documents
C-40, Sector 59
Noida 201 307
(U.P.), India
http://www.rsystems.com/
Version No.
No.: : 1.0
3.2
Released on
on: : 22/05/06
31/07/19
This document of R Systems International Ltd. is for internal circulation. No part of this publication may be
reproduced, stored in a retrieval system, or transmitted in any from or by any means – recording,
1
photocopying, electronics and mechanical without prior written permission of R Systems International Ltd.
Review History
S No. Review Date Reviewed By Remarks
1 09/06/06 ISMS Forum Doc Changed and DCR raised
2 07/09/06 Abhishek Ramavat Doc Changed and DCR raised
3 01/06/09 ISMS Forum Doc Changed and DCR raised
4 04/03/11 Prabhas Dash Doc Changed and DCR raised
5 01/06/12 ISMS Forum No Change
6 09/08/12 Prabhas Dash Doc Changed and DCR raised
7 01/01/14 Manager QAG Doc Changed and DCR raised
8 15/06/15 Manager QAG Doc Changed and DCR raised
9 15/06/15 Sanjay Chouhan- AVP IT Doc Changed and DCR raised
Infrastructure
10 18/07/17 Sanjay Chouhan- AVP IT Doc Changed and DCR raised
Infrastructure
11 18/07/17 Sanjay Chouhan- AVP IT No Change
Infrastructure
12 29/07/19 Sanjay Chouhan- AVP IT Doc Changed and DCR raised
Infrastructure
13 28/07/20 Sanjay Chouhan- Head IT No Change
Infra
14 20/07/21 Sanjay Chouhan- Head IT No Change
Infra
15 20/07/22 Head IT Infra/GM-Admin No Change
2
DOCUMENT CONTROL SHEET
Document History
Ver. Release DCR Ref. Description of Change Authore Reviewed Approv
No. Date d/Revise By ed By
d By
1.0 09/06/06 DCR/ISMS Final release QA ISMS Forum CISO
/002 Group
1.1 07/09/06 DCR/ISMS ISMS Pre-assessment QA Abhishek CISO
/004 audit finding incorporated Group Ramavat
2.0 01/06/09 DCR/ISMS ISMS Periodic Review QAG ISMS Forum CISO
/058
2.1 04/03/11 DCR/ISMS Periodic Review QAG – Prabhas CISO
/083 ISMS Dash
2.1 01/06/12 NA ISMS Periodic Review QAG ISMS Forum CISO
2.2 09/08/12 DCR/ISMS Classification changed to QAG – Prabhas CISO
/105 Internal ISMS Dash
2.3 01/01/14 DCR/ISMS RSI Logo Updated ISMS Manager CISO
/112 Team QAG
3.0 15/06/15 DCR/ISMS Document revised and ISMS Manager CISO
/122 updated as per ISO Team QAG
27001:2013
3.0 15/06/15 DCR/ISMS Annual Review- 22/06/16 ISMS Sanjay CISO
/132 Team Chouhan-
AVP IT
Infrastructure
3.1 18/07/17 DCR/ISMS Annual Review: New ISMS Sanjay CISO
/136 Section 4.3.3 Re-use of Team Chouhan-
Media added also Section AVP IT
4.1.4 Unacceptable Use of Infrastructure
Assets updated
3.2 31/07/19 DCR/ISMS Annual Review: Review ISMS Sanjay CISO
/144 Date 29/07/19 Team Chouhan-
Sec-3 Scope updated by AVP IT
removing word Noida. Infrastructure
Notes:
Only controlled hardcopies of the document shall have signatures on them.
This is an internal document. Unauthorized access or copying is prohibited.
Uncontrolled when printed unless signed by approving authority.
3
Table of Contents
1. Overview ...................................................................................................... 5
2. Objective ...................................................................................................... 5
3. Scope ........................................................................................................... 5
4. Policy ........................................................................................................... 5
4.1 Responsibilities of Assets ............................................................................ 5
4.1.1 Inventory of Assets ................................................................................... 5
4.1.2 Ownership of assets ................................................................................. 5
4.1.3 Acceptable use of assets .......................................................................... 6
4.1.3.1 General Use ........................................................................................... 6
4.1.3.2 Security and Proprietary Information ...................................................... 6
4.1.4 Unacceptable Use of Assets ..................................................................... 7
4.1.5 Return of Assets ....................................................................................... 7
4.2 Information Classification ............................................................................. 7
4.2.1 Information Classification .......................................................................... 7
4.2.2 Labelling of Information ............................................................................. 7
4.2.3 Handling of Assets .................................................................................... 8
4.3 Media Handling ............................................................................................ 8
4.3.1 Management of Removable Media ........................................................... 8
4.3.2 Disposal of Media ..................................................................................... 8
4.3.3 Re-use of Media........................................................................................ 9
4.3.4 Physical Media Transfer............................................................................ 9
4
©R Systems International Ltd Internal ISPolicy031
1. Overview
R Systems intent to obtain the maximum benefit from the capital invested in its assets
throughout their life cycle. Thus the assets shall be identified, classified, protected,
managed and acceptably used in order to minimize the down time and maximize their
utilization.
2. Objective
3. Scope
4. Policy
All information assets shall be clearly identified and an inventory of all assets
will be drawn up and maintained. The asset inventory shall include following
information:
Type of asset
Asset Owner
Asset Business Value
All employees, contractors and third party users shall be required to return
all of the organization’s assets in their possession upon termination or
change of their employment, contract or agreement as defined in the HR
Manual.
The termination procedure shall include but not be limited to:
1. To return all previously issued software, documents, and
equipment by RSI. Other organizational assets such as mobile
computing devices, credit cards, access cards, and information
stored on electronic media shall also be returned.
2. To ensure that all relevant information is transferred to the
organization and securely erased from the equipment in cases an
employee, contractor or third party user purchases the
organization’s equipment or uses their own personal equipment.
3. To document and transfer information to RSI in cases where an
employee, contractor or third party user has knowledge that is
important to ongoing business operations.
R Systems will ensure that prior to re-using the media, it’s securely
overwritten and that such action is verified. Also previous label on such media
that is to be overwritten is removed and destroyed.