ASSET MANAGEMENT POLICY - West Hampshire CCG

1y ago
27 Views
1 Downloads
392.90 KB
17 Pages
Last View : 2d ago
Last Download : 2m ago
Upload by : Farrah Jaffe
Transcription

ASSET MANAGEMENT POLICYVersion 1.1Asset Management Policy COR/059/V1.1Version 1.1September 20191

Subject and version number ofdocument:Asset Management PolicyVersion 1.1Serial number:COR/059/V1.01Operative date:1 October 2019Author:CSU Cyber Security ManagerCCG owner:Senior Information Risk OwnerLinks to other policies:Review date:September 2021For action by:All StaffPolicy statement:This policy provides the framework for the SCWIT Services Asset Management Process whichmust be followed by all SCW staff and externalsuppliers when managing assets on behalf ofcustomers.Responsibility for dissemination tonew staff:Line managers at induction.Mechanisms for dissemination:All new and revised policies are promotedthrough the staff newsletter and intranet, andpublished on the CCG website.Training implications:All staff should be made aware of where to findCCG policies at induction.Resource implicationsThere are no resource implications in relationto this policy.Further details and additionalcopies available from:Website:Equality analysis completed?CSU equality impact assessment frameworkused to evaluate policy. EIA template appendedto policy.Consultation processCSU IT Senior Leadership TeamCSU Corporate Governance Assurance GroupCCG Policy Sub GroupApproved by:Policy Sub GroupDate approved:11 September 2019Asset Management Policy COR/059/V1.1Version 1.1September -and-security-policies/2

Website Upload:WebsiteLocation in FOIPublication umenttag/ig-and-security-policies/Insert helpful keywords (metadata) that will be used to search for thisdocument on the intranet and websiteAmendments Summary:Amend IssuedPage(s)No12345SubjectAction DateReview Log:Include details of when the document was last reviewed:VersionNumber1.1ReviewDateSept 19ReviewerRatification ProcessNotesSCW CSUCyberSecurityManagerSCW CSU IT SeniorLeadership Team, IGSteering Group andCorporate GovernanceAssurance Group.CCG Policy Sub Group.Full review. Noamendments tocontent apart fromchanging regularreview period fromannual to biennial.Asset Management Policy COR/059/V1.1Version 1.1September 20193

ASSET MANAGEMENT POLICYAs the South, Central & West Commissioning Support Unit (CSU) provides ITnetworks, equipment and support to West Hampshire CCG, all CCG employees arerequired to adhere to the CSU IT Services core information security policies, inaddition to those of the CCG.The following policy was developed by the CSU IT Services Team and was adoptedfor use by the CCG. This has been identified as an IT Core Policy and as suchcannot be amended by the CCG.SUMMARY OF KEY POINTS TO NOTEThis policy provides the framework for the SCW IT Services Asset ManagementProcess, which must be followed by all SCW staff and external suppliers whenmanaging assets on behalf of customers.This policy supports management of hardware and software. Hardware and softwareclasses listed below include but are not limited to: Personal Computers: desktop, laptop, notebook Mobile devices: tablets, mobile phones Monitors Printers, label writers and scanners Business systems: conference facilities, projectors, smartboards Network equipment, servers, routers, switches, firewalls, UninterruptiblePower Supply (UPS) Wi-Fi equipment: Wi-Fi Access Points, Wi-Fi controllers Storage Area Network, compute, appliances, network equipment.Software assets supported by SCW: End User: for example, business, communication and specialist applications Local and Core Infrastructure: for example, Operating System, virtualisation,databases, threat detection Software is further categorised by publisher, software title, version, licencetype.Asset Management Policy COR/059/V1.1Version 1.1September 20194

OFFICIALIT Asset Management PolicyVersion 1.1NHS South, Central and WestCommissioning Support UnitAugust 2019South, Central and West

DOCUMENT CONTROLDocument NameVersionStatusAuthorIT Asset Management Policy1.1FinalHead of ServiceDevelopment & SupportDocument objectives:This document defines the Policy for planning andmanaging assets across the lifecycle.Target audience:The Policy provides the framework for the SCW IT ServicesAsset Management Process; which must be followed byall SCW staff and external suppliers when managing assetson behalf of customers.Committee/Group Consulted:SCW IT Services Senior Leadership TeamMonitoring arrangements andindicators:The effectiveness of the Policy in meeting its aims andobjectives will be kept under review and reportssubmitted as required to the SCW IT Services SeniorLeadership Team.Training/resource implications:Training in, and assistance in adhering to, the Policy willbe provided by the Asset Management Team.Approved and ratified by:SCW InformationGovernance Steering GroupSCW Corporate GovernanceAssurance GroupDate: 19/08/2019Equality Impact Assessment:Yes23 July 2018Date issued:19/08/2019Review date:July 2021Author:Stephanie Wilson, Head of Service Development andSupportLead Director:Simon Sturgeon, Director of IT ServicesVersion Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 2

Version ControlChange RecordDateAuthorVersionPageReason for Change22-Jul-18StephanieWilson0.123-Jul-18Cathy Jukes 0.2SLT Review24-Jul-18StephanieWilson1.0Version change following CGAGapproval and ratification21/06/2019 Arif Gulzar1.1AllPolicy reviewed and signed off by ITsenior leadership team12/07/2019 Arif Gulzar1.1AllPolicy approved by IG Steering Group19/08/2019 Arif Gulzar1.1AllPolicy ratified by SCW CorporateGovernance Assurance GroupFirst draft versionReviewers/contributorsNamePositionVersion Reviewed& DateDavid WalchHead of IT Service DeliveryV1.1 21/06/2019Andy FerrariAssociate Director of IT Strategy and Planning V1.1 21/06/2019Michael KnightAssociate Director of TechnologyManagement & ArchitectureV1.1 21/06/2019Stephanie WilsonHead of IT Services Development & SupportV1.1 21/06/2019Cathy JukesAssociate Director of IT Led Programmes &Portfolio ManagementV1.1 21/06/2019Simon SturgeonDirector of IT ServicesV1.1 21/06/2019Version Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 3

CONTENTS1.INTRODUCTION . 52.SCOPE AND DEFINITIONS. 53.DETAILS OF THE POLICY . 64.OBJECTIVES . 75.ROLES AND RESPONSIBILITIES . 86.TRAINING . 97.MONITORING COMPLIANCE AND EFFECTIVENESS. 98.REVIEW . 99.REFERENCES AND ASSOCIATED DOCUMENTS. 9APPENDIX A - ASSET LIFE CYCLE PROCESSES . 11APPENDIX B - EQUALITY IMPACT ANALYSIS. 12Version Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 4

1.INTRODUCTIONThe Asset Management Policy describes the aims and objectives of assetmanagement. This policy draws from IT industry best practice using the ITILframework, IT Asset Management (ITAM), the ISO Asset Management System ISO55001, Controls Objectives in IT (COBIT 5), PRINCE 2.This asset management policy provides the framework for the care and controlof IT assets through their life cycle. The 5 life cycle phases cover acquisition,deployment, operation and maintenance through to decommissioning(retirement) and disposal of assets.The primary purposes of asset management are to: Support delivery of IT services in line with customers’ business plans Provide transparency of IT costs, benefits and risks Support optimisation of IT assets, resources and capabilitiesThe secondary purposes of asset management are to: Ensure IT compliance with internal policies Ensure IT compliance with standards, legal and regulatory obligations Manage IT-related business risk Support IT agility Ensure security of information, processing infrastructure and applications Ensure availability of reliable performance management information2.SCOPE AND DEFINITIONSScopeThe objective of the Asset Management Policy is to define a coherent set ofprinciples, policy statements, processes, standards and architectures that: Describe how IT assets are managedProvide high level policy statements on the requirements for managing assets Identify key standards, processes and procedures which support the policyDefine the roles and responsibilities for implementing this policyDefine technical solutions that support the delivery of the asset managementpolicyVersion Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 5

This policy applies to all customers, and staff of NHS South, Central and WestCSU, and all appointed 3rd party suppliers.IT hardware and software assets fall the within scope of the IT AssetManagement Policy (and where management of these is included withincustomer support agreements). It excludes Information Assets.DefinitionsISO 55000 defines asset management as “the coordinated activity of anorganisation to realise value from assets” where an asset is an “item, thing orentity that has potential or actual value to an organisation”.This policy supports management of hardware and software. Hardware andSoftware classes listed below include but are not limited to: Personal Computers: desktop, laptop, notebook Mobile devices: tablets, mobile phones Monitors Printers, label writers and scanners Business systems: conference facilities, projectors, smartboards Network equipment, servers, routers, switches, firewalls, UninterruptiblePower Supply (UPS) Wi-Fi equipment: Wi-Fi Access Points, Wi-Fi controllers Storage Area Network, compute, appliances, network equipmentSoftware assets supported by SCW: End User: for example, business, communication and specialist applications Local and Core Infrastructure: for example, Operating System, virtualisation,databases, threat detection Software is further categorised by publisher, software title, version, licencetype3.DETAILS OF THE POLICYSCW provides Asset Lifecycle Management as defined within ITIL/ ITAM bestpractice. The 5 key Lifecycle Processes are: Receive, Deploy, Maintain, Retire,Version Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 6

Dispose assets (see Appendix A for further detail). These processes aremanaged in accordance with best practice or as agreed with the customerorganisation.An Asset Repository is maintained and used to record status of all assetsthroughout the lifecycle.Technology tools are used in combination with data integration methods andprocesses to provide management information. Tools include an AssetManagement Tool, databases, barcode scanners. Asset data is integrated withthe Service Management Tool to support operational service delivery.Established processes capture asset maintenance and renewal details, supportedby details of how purchased, vendor or supplier from whom acquired,maintenance and support agreements, start and end dates.4.OBJECTIVESApplication of the policy will ensure adherence to the following principles andobjectives: Hardware and software assets will be managed in accordance with laws,Standing Financial Instructions, agreed standards, policies, processes,procedures, 3rd party and customer Service Level Agreements Critical core and local infrastructure is maintained and supported inaccordance with manufacturers and suppliers warranted terms IT assets are operated in accordance with manufacturers’ warranties inorder to maximise return on investment, with agreement of customersand support of vendors and manufacturersIT assets will be managed in accordance with supplier, 3rd party and customer agreements This policy will be operated alongside other asset standards and referencedocuments including:-Naming standards and hardware asset management labellingconventions-Supported hardware and software standards as agreed withcustomers and suppliersVersion Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 7

-Vendors and manufacturers contracts and warranties-IT Disposal PolicySoftware is managed in accordance with legal obligations relating to:-Software publishers’ terms and conditions-Software entitlements-Customers are advised of their responsibilities and options forachieving compliance Proactively seek Continuous Service Improvement of our assetmanagement capabilities and activities and assure value for money forcustomers and stakeholders5.ROLES AND RESPONSIBILITIESSCW IT Services are responsible for care and control of in scope assets inaccordance with this policy.Key StakeholderResponsibilityCustomersResponsible for planning and securing investmentin assets in accordance with own business plansResponsible for assets in their careConsulted/ InformedSCW ExecutiveManagement TeamAccountable for approval of asset managementpolicyAccountable for approval of IT Services BusinessPlan and associated Business CasesDirector of IT ServicesAccountable for operating in accordance with policyITS Senior LeadershipTeamResponsible for operating in accordance with policyResponsible for communicating policy to staffHead of ServiceDevelopment andSupportResponsible for authoring and maintenance ofpolicyResponsible for assurance, lifecycle activities.Responsible for preparing business cases forinvestment in people resources, technical tools, anddata management.Asset and ConfigurationResponsible for operating in accordance withVersion Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 8

6.Manageragreed asset management processes and otherrelated IT processes.Associate Director ofTechnical Managementand ArchitectureResponsible for management of core ITinfrastructure in accordance with policyHead of Service DeliveryResponsible for operational service delivery inaccordance with policy3rd Party SuppliersResponsible for operating in accordance with policyResponsible for compliance with linked policies, forexample the Disposal PolicyInformedIT Services staffResponsible for operating in accordance with policyCyber Security ManagerConsultedInformation GovernanceConsultedTRAININGThe Asset Management Team will ensure training opportunities are provided inthe use of the technical tools (Asset Management Tool) and application of thispolicy and underpinning processes, procedures and standards.7.MONITORING COMPLIANCE AND EFFECTIVENESSThe Head of Service Development & Support is responsible for monitoringcompliance with this policy.Compliance with the policy will be measured through the availability of accurate,complete, timely and relevant asset information to support operationalprocesses and decision making. Information will be recorded and maintained inthe Asset Repository and within Service Management and Asset ManagementTools. Gaps in the available information will be remediated with an agreed planof action.8.REVIEWThe policy will be reviewed at least biennially by IT Services Senior LeadershipTeam.9.REFERENCES AND ASSOCIATED DOCUMENTSLegislation Health and Safety at Work Act, 1974 General Data Protection Regulations Act, 2018Version Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 9

Copyright Designs and Patents Act, 1988 Waste Electrical and Electronic Equipment (WEEE) Directive ( 2002/96/EC and2003/108/EC)Policies Standing Financial Instructions, Capital Accounting Policies (NHS England)Guidance on the security and management of NHS assets (NHS Protect) Risk Management PolicyGuidance NHS Codes of Practice in relation to Information Governance and bestpractice guidance (Department of Health) Excellence in GP IT (NHS England) Hardware and Software Security Good Practice Guide; Sanitisation, Reuse,Disposal and Destruction Good Practice Guide; Asset Management GoodPractice Guide, (NHS Digital) 10 Steps to Cyber Security, National Cyber Security cure-configuration.Version Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 10

APPENDIX A - ASSET LIFE CYCLE PROCESSESVersion Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 11

APPENDIX B - EQUALITY IMPACT ANALYSISEquality Impact Analysis on the Asset Management Policy1 What is it about?Refer to the Equality Act 2010a) Describe the proposal/policy and the outcomes/benefits you are hoping to achieveThe Asset Management Policy describes the aims and objectives of IT asset management andprovides the framework for care and control of IT assets through their life cycle.b) Who is it for?All staffc) How will the proposal/policy meet the equality duties?No impactd) What are the barriers to meeting this potential?There are no barriers.2 Who is using it?Consider all equality groupsa) Describe the current/proposed beneficiaries and include an equality profile if possibleThe policy is applicable to all.b) How have you/can you involve your patients/service users in developing theproposal/policy?Patients and service users have not been involved in developing the policy as this is anoperational policy.c) Who is missing? Do you need to fill any gaps in your data?There are no gaps.3 ImpactgroupsConsider how it affects different dimensions of equality and equalityUsing the information from steps 1 & 2 above:a) Does (or could) the proposal/policy create an adverse impact for some groups orindividuals? Is it clear what this is?It is not anticipated that any adverse impact will be created.b) What can be done to change this impact? If it can’t be changed, how can this impact bemitigated or justified?This is not applicable.c) Does (or could) the proposal/policy create a benefit for a particular group? Is it clear whatthis is? Can you maximise the benefits for other disadvantaged groups?This policy is equal across all groups.Version Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 12

d) Is further consultation needed? How will the assumptions made in this analysis be tested?No.4 So what (outcome of this EIA)?processLink to the business planninga) What changes have you made in the course of this EIA?None.b) What will you do now and what will be included in future planning?Not applicable.c) When will this EIA be reviewed?At policy review.d) How will success be measured?No equality issues are created.Sign-offDate completed:24-07-2018Name of person leading this EIA:Stephanie WilsonProposed EIA review date:01-07-2019Signature of director/decision-makerSimon Sturgeon, Director of IT ServicesName of director/decision-makerSimon Sturgeon, Director of IT ServicesDate signed24-07-2018End of Policy DocumentVersion Number: 1.1Status: FinalSouth, Central and WestIssue/approval date: 19/08/2019Next review date: July 2021Page 13

This asset management policy provides the framework for the care and control of IT assets through their life cycle. The 5 life cycle phases cover acquisition, deployment, operation and maintenance through to decommissioning (retirement) and disposal of assets. The primary purposes of asset management are to: Support delivery of IT services in line with customers’ business plans .

Related Documents:

NH SAS 2018–2019 Technical Report: Volume 6 Score Interpretation Guide 1 New Hampshire Department of Education 1. NEW HAMPSHIRE SCORE REPORTS In spring 2019, the following New Hampshire Statewide Assessment System (NH SAS) tests were administered to New Hampshire stu

Use and Maintenance of asset risk information Legal and other requirements Audit Corrective and Preventative Action Continual Improvement Records Management Review 1.6 General Requirements Asset Management Policy Asset Management Strategy Asset Management Objectives Asset Managemen

A Practical Guide to SAP . 9.1 Introduction to asset accounting 181 9.2 Structure and methodolgy 183 9.3 Different methods of asset acquisition 184 9.4 Asset master record 185 9.5 Asset acquisitions 190 9.6 Retirements with customer 199 9.7 Asset value adjustments 202 9.8 Reverse asset posting 207 9.9 Asset transfers 208 9.10 Depreciation and closing tasks 211 9.11 Asset drill down and .

practice asset management. § Having standards for asset management would allow network businesses to benchmark themselves against other organizations in different jurisdictions or geographies. § Standards for asset management could be used as a communication and education tool to understand and explain the best-practice methods in asset .

International Infrastructure Management Manual. The Asset Management Plan is to be read with Council’s Asset Management Policy, Asset Management Strategy and the following associated planning documents: Glamorgan Spring Bay Council Strategic Plan 2012 - 2020 The infrastructure assets covered by this asset management plan are shown in Table 2.1.

AMP Capital Investors Investment Manager Multi-Asset 50 - 249.99 Australia AP2 Asset Owner Multi-Asset 10 - 49.99 Sweden APG Asset Management Investment Manager Multi-Asset 250 Netherlands Australian Ethical Investment Ltd. Investment Manager 50% Listed Equity Internally Managed 1 - 9.99 Australia Aware Super Asset Owner Multi-Asset 50 .

PeopleSoft Asset Management simplifies asset management and the associated accounting complexities. It helps to lower the cost of asset ownership and secures your assets with a single global view. Using PeopleSoft Asset Management allows you to leverage the value of your fixed asset inv

Risk management program Risk Management Framework Security management program Security Risk Management System (SRMS) Security Department - Analysis Asset management financial planning Agency Asset Management Plan Nine (9) Facility AMPs Fleet AMP Randall's Island Campus AMP Asset systems architecture Infor EAM .

international best practice (specifically the ISO 55000 series of international asset management standards and the International Infrastructure Management Manual). State Road Authority Asset Management Policy It is the policy of the State road authority that its asset management system will deliver the following outcomes:

4.9.2 Gaps against current strategy targets and asset management objectives . (AMP) 5. the scope and boundaries of the Asset Management Framework, the asset management and . 7. outline of organisational governance arrangements, including the agency’s Asset Management Policy and the rol

as well as other government policy and planning frameworks. Continuous improvement The Asset Management Policy, principles and strategies sits within a constantly changing environment and will be continuously reviewed and improved to optimise asset performance. 6. Regulatory context The policy operates in accordance with the following regulations: Asset Management Accountability Framework .

Oct 08, 2010 · 01380 Debit Card Dept'l Asset 01390 ACH Refunds Asset 01400 General Asset 01410 Postage Asset . 01520 Inv Rutgers U. Press Asset 01540 Inv Physical Plant Asset 01560 Inventory Other Asset . 04110 Gifts & Beq Alumni Revenue 04120 Gifts & Beq Corp. Revenue 04130 Gifts & Beq Found. Revenue

the cost of the asset; 2. the life of the asset; 3. the expected residual value of the asset; 4. and, by the method of depreciation selected for amortisation of the asset which must be systematic and rational. Cost of asset means the basic acquisition cost of the asset plus all incidental expenses which are required to the asset into use.

Select "Asset Groups" under "Assets" to view your asset groups. Go to New Asset Group to add a new asset group. Asset grouping offers great flexibility, allowing you to assign assets to multiple asset groups. To view information associated with an asset gr oup, click anywhere in the data list row for

The asset management strategy is to enable Council to show: how its asset portfolio will meet the service delivery needs of its community into the future, to enable Council’s asset management policies to be achieved, and to ensure the integration of Council’s asset management

Defining Asset Management: Asset Management Body of Knowledge Asset management has been practiced for millennia, but only in recent years has there been a concerted effort to bring together the many facets or disciplines of asset management to form a holistic management system. Associated with that discipline is a developing body of knowledge .

ASSET MANAGEMENT UNIT 3. Asset Management Unit 4. Functions of Asset Management Unit 5. Taking over of properties by Asset Management Unit 6. Steps to prevent funds or assets to designated persons 7. Coordination with other countries in the seizure, forfeiture or confiscation of the properties 8. Policies and procedure for management of se ized .

This Annual Report Form shall be flied with the New Hampshire Public Utilities Commission, 8 Old Suncook Road, Concord, New Hampshire 03301-5185,on or before March31 of each year, in accor dance with the requirements of New Hampshire RSA 374:13 Form of Accounts and Records.

2 0 1 4 A N N U A L R E P O R T. New Hampshire Historical Society Page 2 2014 Annual Report 30 Park Street Concord, New Hampshire 03301 . William P. Veillette Amherst Bert R. Whittemore Concord Phil Zea . Mount Washington Cog Railway New Hampshire Distributors, Inc. New Hampshire Federal Credit Union BUSINESS PARTNERS

TAMINCO GROUP NV Pantserschipstraat 207, 9000 Ghent, Belgium Enterprise number 0891.533.631 Offering of New Shares (with VVPR strips attached) and Existing Shares