Technologies de l'information — Gestion des actifs logiciels — Partie 1: Procédés et évaluation progressive de la conformité

Numéro de référence:
CAN/CSA-ISO/IEC 19770-1
Catégorie de norme:
Norme nationale du Canada - Adoption d'une Norme internationale
Type d’activité d’élaboration de normes:
Nouvelle version
Statut:
En cours d'élaboration
Date de début de la période de commentaires OEN:
Date de fin de la période de commentaires des OEN:
Affiché le:

Porté:

Champ d’application

1.1 Purpose

This document specifies requirements for an IT asset management system within the context of the organization.

This document can be applied to all types of IT assets and by all types and sizes of organizations.

NOTE 1 This document is intended to be used for managing IT assets in particular, but it can also be applied to other asset types. It can be suitable, in whole or in part, for managing embedded software and firmware, however its use for these purposes has not been determined. It is not intended for managing information assets per se, i.e. it is not intended for managing information as an asset independent of hardware and software assets.

Certain types of data and information are covered, such as data and information about IT assets in scope, and depending on how the scope is defined, it can cover digital information content assets. See the Introduction for an explanation about IT assets.

NOTE 2 This document does not specify financial, accounting, or technical requirements for managing specific IT asset types.

NOTE 3 For the purposes of this document, the term “IT asset management system” is used to refer to a management system for IT asset management.

This document is a discipline-specific extension of ISO 55001:2014, with changes, and is not a sector- specific application of that International Standard. ISO 55001:2014 is intended to be used for managing physical assets in particular, but it can also be applied to other asset types. This document specifies requirements for the management of IT assets which are additional to those specified in ISO 55001:2014.

Conformance to this document does not imply conformance to ISO 55001:2014.

This document can be used by internal and external parties to assess the organization’s ability to meet the organization’s own IT asset management requirements.

1.2 Field of application

This document applies to IT asset management processes and can be implemented by organizations to achieve immediate benefits.

This document can be applied to all IT assets. For example, it can be applied to not only IT hardware but also to executable software (such as application programs and operating systems) and non- executable software (such as fonts and configuration information). It can be applied to all technological environments and computing platforms (e.g. virtualized software applications, on-premises or software- as-a-service; it is equally relevant in cloud computing as it is in legacy computing environments).

1.3 Limitations

This document does not detail the IT asset management processes in terms of methods or procedures required to meet the requirements for outcomes of a process.

This document does not specify the sequence of steps an organization should follow to implement IT asset management.

 

This document does not detail documentation in terms of name, format, explicit content and recording media.

Raison d’être du projet

Raison d’être du projet
To align Canadian requirements with those of the respective international standards being proposed for adoption. To maintain alignment between Canadian information and communication technology standards and each respective international standard.

Note : L’information ci-dessus a été recueillie et est diffusée par le Conseil canadien des normes (CCN) pour les besoins de son système de notification centralisé et transparent pour l’élaboration de nouvelles normes. Le système permet aux organismes d’élaboration de normes (OEN) accrédités par le CCN et aux membres du public d’être informés des nouveaux travaux d’élaboration de normes au Canada. Il donne aussi aux OEN accrédités la possibilité de repérer et de résoudre les cas de doubles emplois éventuels dans les normes et les travaux de normalisation.

Les OEN sont eux-mêmes responsables du contenu et de l’exactitude de l’information présentée ici. Cette information n’existe que dans la langue dans laquelle elle a été fournie au CCN.