Asset and Change Management Flashcards
What is Asset Management?
Systematic process of developing, operating, maintaining, and selling assets cost-effectively
This includes managing both tangible and intangible assets throughout their life cycle.
Define Change Management.
Structured approach to transitioning from a current state to a desired future state
Change management is essential in adapting to continuous changes in business environments.
What is the purpose of Acquisition and Procurement?
Structured process of sourcing, vetting, and obtaining security technologies and services
List the Mobile Asset Deployment Models.
- BYOD (Bring Your Own Device)
- COPE (Corporate-Owned, Personally Enabled)
- CYOD (Choose Your Own Device)
What is the importance of Asset Assignment and Accounting?
Clear ownership and classification of assets; rigorous monitoring through inventory checks and MDM solutions
What processes are involved in Asset Disposal and Decommissioning?
- Sanitization
- Destruction
- Certification
- Data retention
These processes minimize the risk of unauthorized access or data breaches.
What is the Change Management Approval Process?
Strict approval for every change; consideration of CAB insights, ownership, stakeholder involvement, and impact analysis
List best practices for Change Management Processes.
- Schedule maintenance windows
- Thorough backout plans
- Consistent testing post-implementation
What are the Technical Implications of Changes?
- Allow lists
- Deny lists
- Handling downtime
- Restarts
- Managing legacy applications and dependencies
Why is documenting changes important?
Version controlling changes; regularly updating diagrams, policies, and procedures
This ensures accountability and clarity in the change management process.
What is the difference between Acquisition and Procurement?
- Acquisition: Process of obtaining goods and services
- Procurement: Entire process of sourcing and obtaining those goods and services
What are the three main mobile device deployment models?
- BYOD (Bring Your Own Device)
- COPE (Corporate-Owned, Personally Enabled)
- CYOD (Choose Your Own Device)
What considerations should be made when selecting a mobile deployment model?
Specific needs, budget constraints, and risk appetite of your organization
What is meant by Asset Monitoring?
Maintaining an inventory with specifications, location, and assigned users
What is the purpose of Mobile Device Management (MDM)?
Manages and tracks mobile devices; centralizes management, enforces corporate policies, and safeguards sensitive data
What methods are used for data sanitization?
- Overwriting
- Degaussing
- Secure Erase
- Cryptographic Erase
What is the significance of Certification in Asset Disposal?
Acts as proof that data or hardware has been securely disposed of; important for organizations with regulatory requirements
List reasons for retaining data.
- Regulatory requirements
- Historical analysis
- Trend prediction
- Dispute resolution
What are the challenges of Change Management?
- Unplanned changes can lead to resistance
- Simple changes can disrupt existing processes
- Changes can impact efficiency
What are the five main steps in Change Management?
- Preparing for the Change
- Creating a Vision for the Change
- Implementing the Change
- Verifying the Change
- Documenting the Change
What is a Backout Plan in Change Management?
Pre-determined strategy to revert systems to their original state in case of issues during change implementation
What are Allow Lists and Deny Lists?
- Allow List: Specifies entities permitted to access a resource
- Deny List: Lists entities prevented from accessing a resource
What is the role of the Change Advisory Board (CAB)?
Evaluates proposed changes before approval, assesses viability, impacts, and alignment with objectives
What is the purpose of Impact Analysis in Change Management?
Assesses potential fallout, immediate effects, long-term impacts, and identifies challenges
What is meant by version control?
Tracks and manages changes in documents, software, and other files; allows collaboration and reversion to previous versions
What are Standard Operating Procedures (SOPs)?
Detailed step-by-step instructions for specific tasks; ensures consistency and reduces errors in change implementation
Fill in the blank: The process of sanitization makes data ________ from the storage medium.
inaccessible and irretrievable
True or False: Legacy applications are more flexible and less sensitive to changes.
False
What is critical for clarity and accountability in change management?
Proper documentation
Proper documentation includes updating change requests and trouble tickets to reflect successful completion.
What should be evaluated after implementing a change?
The process and its success
Continuous evaluation helps identify issues and improve future practices.
What does continuous improvement in change management emphasize?
Iterative process improvement
It aims to ensure smoother future changes by learning from past mistakes.
What is the purpose of change requests and trouble tickets?
To create a clear timeline of change actions
They inform stakeholders and provide a record of change history for future reference.
True or False: Records are essential for communication and accountability in change management.
True
Records help track changes and ensure stakeholders are informed.
After implementing a change, what should be revised to prevent recurrence?
Policies and procedures
This helps to address identified issues and improve future change management.
Fill in the blank: _______ is necessary for documenting successful completion in change management.
[Proper documentation]
Proper documentation includes updating change requests and trouble tickets.
