The purpose of an asset disposal policy is to ensure that an organisation has fully thought through, evaluated and responded to legislation and other constraints surrounding the disposal of assets - specifically IT assets in this case. This is important so as to…
- Minimise and mitigate the risk of data leakages and security breaches
- Act in an environmentally friendly manner
- Ensure the organisation maintains full compliance with all legislation
- Let all staff know exactly what procedures to follow
It is also very important to ensure that everybody is aware of the provisions contained in the policy and that compliance with the policy is maintained company-wide.
Key Points To Include In The Policy
Many disposal policies are only 2 or 3 pages long. It does not require many words to outline the procedures that should be followed. These main heading should be covered:
1 - Roles & Responsibilities
The policy should indicate the primary roles, what activities those roles are expected to carry out and the responsibility owners for those activities. For example, the IT department is usually responsible for the end-to-end disposal process, while the financial section needs to be informed of asset disposals.
2 - Classification Of ICT Equipment For Disposal
Not all IT equipment needs to be processed for data sanitation and media destruction. This section can categorise types of equipment and indicate the suitable disposal path for each type.
3 - Procedure For Data Sanitation
This is where data security procedures must be strong and compliant, both to protect the data that has been entrusted to the custody of the organisation and to ensure total compliance so as to avoid any penalties. This is a significant responsibility to perform the data sanitation competently and confidently, and to provide documentary evidence of the activities undertaken so as to satisfy any subsequent audit.
4 - Procedure For Recycling & Physical Disposal
The physical equipment, having been data sanitised, need to be disposed of in a manner that complies with environmental controls and the Waste Electrical and Electronic Equipment (WEEE) Directive.
5 - Documentation & Tracking
Disposing of any asset should be documented as it impacts on the balance sheet and the company’s valuation. Documentation and certification of disposal and/or destruction is also beneficial to satisfy any investigations or audits that may occur.
How A Professional IT Asset Disposal Company Can Help
A company such as Absolute IT Asset Disposals has vast experience in every facet of the process. We understand the legalities involved, and indeed the common pitfalls that organisations frequently fall foul of.
What we do is enable a business to outsource the activities that are subject to legislation and which require strict compliance to avoid severe penalties. These are in the areas of
Data Protection/GDPR and WEEE. Our fully certified and verifiable process provides an audit trail of the disposal of an asset, including sanitisation of any data and destruction of media when required.
Speak To Us
It is well worth your while to speak with us regarding your asset disposal policy and procedures. Our services can provide an additional layer of reassurance and compliance on top of your existing processes. Contact us today for a free initial consultation and to better understand how we can dovetail with your disposal requirements.