Version: 1.0Last updated: January 2026Owner: Security Lead

Asset Management Policy

1. Purpose

To ensure information assets are identified, owned, and protected throughout their lifecycle.

2. Scope

Company devices, cloud accounts and services, software, and data assets.

3. Inventory

We maintain an inventory of company devices and the cloud services and accounts we use.
Each significant asset has an owner responsible for its security.

4. Acceptable use & handling

Assets are used in line with our Acceptable Use and Data Classification policies.

5. Lifecycle

Assets are provisioned through approved channels.
On decommissioning, data is securely removed before disposal or reassignment.

6. Review

This policy is reviewed at least annually.