1 PURPOSEÂ
The purpose of this standard is to establish a set of guidelines and procedures for the management, tracking, and maintenance of information technology (IT) inventory within the university. Effective IT inventory management is essential to ensure efficient use of resources, security, compliance, and continuity of IT services.
2 SCOPEÂ
This standard applies to all ×î¿ì¿ª½±Ö±²¥½ÁÖé½á¹û ×î¿ì¿ª½±Ö±²¥½ÁÖé½á¹û staff, faculty, students, affiliates, contractors, and third-party service providers who handle university data and information systems
3 STANDARDÂ
3.1 Asset Identification and Labeling
Each IT asset must be cataloged and when possible, assigned a unique identification number or barcode. Assets should be labeled clearly with this identifier for easy tracking and management.
3.2 Documentation
Maintain an accurate and up-to-date inventory database or management system. Include essential information for each asset, such as asset type, manufacturer, model, serial number, purchase date, warranty status, location, and assigned user.
3.3 Procurement and Acquisition
All IT purchases must adhere to the university's procurement policies and procedures. Document all purchase transactions and ensure proper approvals are obtained.
3.4 Asset Tracking
Conduct regular physical and digital audits to verify the existence and status of IT assets. Update the inventory database promptly to reflect changes, such as new acquisitions, movements, disposals, or upgrades.
3.5Â Asset Lifecycle Management
Implement a lifecycle management strategy for IT assets, including maintenance schedules, upgrades, and end-of-life procedures. Dispose of outdated or non-functional assets in compliance with university and environmental regulations.
3.6Â Security Measures
Protect IT assets from theft, damage, or unauthorized access. Implement access controls, surveillance, and physical security measures, as necessary
3.7Â Software and Licensing
Maintain an inventory of software licenses and ensure compliance with licensing agreements. Regularly audit software installations to verify license usage.
3.8Â Backup and Recovery
Implement backup and disaster recovery plans for critical IT assets and data. Test and update these plans regularly to ensure they remain effective.
3.9Ìý¸é±ð±è´Ç°ù³Ù¾±²Ô²µ
Generate and distribute regular reports on IT inventory status, including asset utilization, maintenance, and compliance with relevant policies and standards.
3.10Â Training and Awareness
Provide training and awareness programs for personnel involved in IT inventory management. Ensure they understand their responsibilities and follow best practices
3.11Â Disposal and Recycling
Dispose of outdated or obsolete IT assets in an environmentally responsible manner. Ensure data destruction is carried out securely, following established procedures
3.12Â Compliance and Auditing
Conduct periodic audits to verify compliance with this standard. Address any identified non-compliance issues promptly.
3.13 Standard Naming Convention
Naming convention ensures the integrity of our hardware asset database by uniquely identifying each device and avoiding duplication, particularly when devices are reused across different locations. Duplicate records caused by similar names or reused locations can create confusion about which device requires support, resulting in delayed responses and inefficiencies.
What is the Standard Naming Convention?
For Computing Devices
The standard format for naming computing devices at ×î¿ì¿ª½±Ö±²¥½ÁÖé½á¹û is:
[First Initial of Institution's Name] - [Device Serial Number]
Examples of Correct Computer Names:
- UNH & ×î¿ì¿ª½±Ö±²¥½ÁÖé½á¹û Systems Office: U-1AB234C
- PSU: P-1AB234C
- KSC: K-1AB234C
For Servers
The standard format for naming servers at ×î¿ì¿ª½±Ö±²¥½ÁÖé½á¹û is:
[First Initial of Institution's Name] [Operating System Initial] [Tier Initial] - [Application Name (Max 8 characters)] - [Instance Number]
- Institution Initials:
- K – KSC
- P – PSU
- U – UNH and ×î¿ì¿ª½±Ö±²¥½ÁÖé½á¹û Systems Office
- Operating System Initials:
- W – Windows
- X – Linux/Unix
- O – Other
- Tier Initials:
- D – Development
- T – Test
- P – Production
- U – Upgrade
Examples of Correct Server Names:
- UNH & ×î¿ì¿ª½±Ö±²¥½ÁÖé½á¹û Systems Office: UWP-SKYNET-01
- PSU: PXT-SKYNET-02
- KSC: KOU-SKYNET-03
Important Guidelines
- Devices must not be named using other conventions, including location information, user names, usage identifiers (e.g., "loaner"), or instrument names.
- Location details should be stored within the hardware asset record for each device, not as part of the device name.
Following this naming standard ensures clear device identification, minimizes confusion, and supports timely and efficient IT assistance.
DOCUMENT HISTORYÂ
- Approved by: Thomas Nudd, CISO
- Reviewed by: Dr. David A Yasenchock, Director, Cybersecurity GRC
- Revision History: V 1.0
- Revised formatting, K SWEENEY, 30 MAY 2024
- Added section 3.13, C GREBLOSKI, December 17, 2024