Instructions
This gap analysis document provides a simple framework for evaluation the current status of a “IT asset management system” (ITAMS) according to ISO19770-1:2017 standard.
The status column is marked by one of the following identifiers:
- V: Validated ; The associated item is compliant with the standard.
- P: Partial ; The associated item is partially compliant with the standard.
- M: Missing ; The associated item is NOT compliant with the standard.
- N/A: The associated item is not applicable.
The evidence shall be provided by the target user, while optional comment maybe added by the target user or the assessor.
Part 1: Requirements
Chapter 4: Context of the organization
| Requirement |
Status (V, P, M, N/A) |
Evidence |
Comments |
| 4.1 Understanding the organization and its context |
|
|
|
| 4.2 Understanding the needs and expectation of stakeholders |
|
|
|
| 4.3 Determining the scope of IT Asset management system |
|
|
|
| 4.4 IT Asset management system |
|
|
|
Chapter 5: Leadership
| Requirement |
Status (V, P, M, N/A) |
Evidence |
Comments |
| 5.1 Leadership |
|
|
|
| 5.2 Policy |
|
|
|
| 5.3 Organizational roles, responsabilities and authorities |
|
|
|
Chapter 6: Planning
| Requirement |
Status (V, P, M, N/A) |
Evidence |
Comments |
| 6.1 Actions to address risks and opportunities for the IT asset management |
|
|
|
| 6.2 IT asset management objectives and planning to achieve them |
|
|
|
Chapter 7: Support
| Requirement |
Status (V, P, M, N/A) |
Evidence |
Comments |
| 7.1 Resources |
|
|
|
| 7.2 Competence |
|
|
|
| 7.3 Awareness |
|
|
|
| 7.4 Communication |
|
|
|
| 7.5 Information requirements |
|
|
|
| 7.6 Documented information |
|
|
|
Chapter 8: Operation
| Requirement |
Status (V, P, M, N/A) |
Evidence |
Comments |
| 8.1 Operational planning and control |
|
|
|
| 8.2 Management of change |
|
|
|
| 8.3 Core data management |
|
|
|
| 8.4 License management |
|
|
|
| 8.5 Security management |
|
|
|
| 8.6 Other processes |
|
|
|
| 8.7 Outsourcing and services |
|
|
|
| 8.8 Mixed responsabilitie between the organization and its personnel |
|
|
|
| Requirement |
Status (V, P, M, N/A) |
Evidence |
Comments |
| 9.1 Monitoring, measurement, analysis and evaluation |
|
|
|
| 9.2 Internal audit |
|
|
|
| 9.3 Management review |
|
|
|
Chapter 10: Improvement
| Requirement |
Status (V, P, M, N/A) |
Evidence |
Comments |
| 10.1 Nonconformity and corrective action |
|
|
|
| 10.2 Preventive action |
|
|
|
| 10.3 Continual improvement |
|
|
|