UnixTime

Research Note

Off-Premises Asset Protection Checklist

Use this checklist when approving, reviewing, or auditing assets used away from organization premises.

On this page

When to use this

Use this checklist when approving, reviewing, or auditing assets used away from organization premises.

Protection checklist

  • Asset removal is authorized.
  • Asset is recorded with custodian and location.
  • Sensitive data is encrypted where appropriate.
  • Device is managed or otherwise controlled.
  • Strong authentication is enabled.
  • Screen lock and timeout are configured.
  • Asset must not be left unattended in public places or vehicles.
  • Paper files/media have secure carrying and storage rules.
  • Loss/theft reporting route is known.
  • Return, review, or attestation date is defined.

Review record

Asset Custodian Control expected Control observed Gap Action owner Due date
TBD TBD TBD TBD TBD TBD TBD