ISO/IEC 19770-1:2017

Information technology — IT asset management — Part 1: IT asset management systems — Requirements

ISO/IEC 19770-1:2017 specifies requirements for an IT asset management system within the context of the organization. ISO/IEC 19770-1:2017 can be applied to all types of IT assets and by all types and sizes of organizations. NOTE 1 This document is intended to be used for managing IT assets in particular, but it can also be applied to other asset types. It can be suitable, in whole or in part, for managing embedded software and firmware, however its use for these purposes has not been determined. It is not intended for managing information assets per se, i.e. it is not intended for managing information as an asset independent of hardware and software assets. Certain types of data and information are covered, such as data and information about IT assets in scope, and depending on how the scope is defined, it can cover digital information content assets. See the Introduction for an explanation about IT assets. NOTE 2 This document does not specify financial, accounting, or technical requirements for managing specific IT asset types. NOTE 3 For the purposes of this document, the term "IT asset management system" is used to refer to a management system for IT asset management. ISO/IEC 19770-1:2017 is a discipline-specific extension of ISO 55001:2014, with changes, and is not a sector-specific application of that International Standard. ISO 55001:2014 is intended to be used for managing physical assets in particular, but it can also be applied to other asset types. This document specifies requirements for the management of IT assets which are additional to those specified in ISO 55001:2014. Conformance to this document does not imply conformance to ISO 55001:2014. ISO/IEC 19770-1:2017 can be used by internal and external parties to assess the organization's ability to meet the organization's own IT asset management requirements.