Normenverzeichnis » Norm: ISO/IEC 19770-1

Zuletzt bearbeitet am 12.04.2024 um 14:59:23 durch Sachkunde24-Redaktion.
Name:
ISO/IEC 19770-1
Titel (Deutsch):
Informationstechnik - Management von IT-Assets - Teil 1: Managementsysteme für IT-Assets - Anforderungen
Titel (Englisch):
Information technology - IT asset management - Part 1: IT asset management systems - Requirements
letzte Aktualisierung:
:2017-12
letzte Aktualisierung:
01.12.2017
Seiten:
37
Link (Herausgeber):
https://www.beuth.de/de/norm/iso-iec-19770-1/283661810

Funktionen

Systematik

Beschreibung

Verweis auf die übergeordnete Normsammlung ISO/IEC 19770

Contents

Foreword
Introduction
1 Scope
1.1 Purpose
1.2 Field of application
1.3 Limitations
2 Normative references
3 Termsanddefinitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of stakeholders
4.3 Determining the scope of the IT asset management system
4.4 IT asset management system
5 Leadership
5.1 Leadership and commitment
5.2 Policy
5.3 Organizational roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities for the IT asset management system
6.1.1 General
6.1.2 IT asset risk assessment
6.1.3 IT asset risk treatment
6.2 IT asset management objectives and planning to achieve them
6.2.1 IT asset management operation process specification
6.2.2 IT asset management objectives for operation processes
6.2.3 Overall IT asset management objectives
6.2.4 Planning to achieve IT asset management objectives
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Information requirements
7.6 Documented information
7.6.1 General
7.6.2 Traceability of ownership and responsibility
7.6.3 Audit trails of authorizations and execution of authorizations ............................................... 21
7.6.4 Creating and updating ................................................................................................................. 21
7.6.5 Control of documented information ...........................................................................................21
8 Operation ...................................................................................................................................... 22
8.1 Operational planning and control ...............................................................................................22
8.2 Management of change ...............................................................................................................22
8.3 Core data management ............................................................................................................... 22
8.4 License management .................................................................................................................. 22
8.5 Security management ................................................................................................................. 23
8.6 Other processes .......................................................................................................................... 23
8.7 Outsourcing and services .......................................................................................................... 23
8.8 Mixed responsibilities between the organization and its personnel ...................................... 24
9 Performance evaluation .............................................................................................................. 24
9.1 Monitoring, measurement, analysis and evaluation ................................................................ 24
9.2 Internal audit ................................................................................................................................ 25
9.3 Management review ..................................................................................................................... 25
10 Improvement ................................................................................................................................ 26
10.1 Nonconformity and corrective action ........................................................................................ 26
10.2 Preventive action ......................................................................................................................... 26
10.3 Continual improvement .............................................................................................................. 26

Annex A (normative) IT asset management operation processes and objectives ................................ 27

Annex B (informative) IT asset management tiers .................................................................................... 31

Annex C (informative) Characteristics of IT Assets .................................................................................. 33

Annex D (informative) Changes from DIN ISO 55001..... 35

Bibliography .................................................................................................................................................. 37