Analysis of Information Security through Asset Management in Academic Institutes of Pakistan

Assets are the resources used by the organization and play central role to meet the organizational objectives. The most critical asset of an organization is information which can be of any type i.e. electronic or in hard form. Different assets like backup drives, office files in either soft or hard form, networking devices etc. have large amount of information that needs to be protected from unauthorized access. Asset management is the methodical process of maintaining, upgrading and operating the assets. It has great significance to the business community as the value of assets is their influence on accomplishing the predefined organizational objectives. In academic institutes, information asset is used in teaching, research, administration and management, so all the assets containing useful information must be properly managed so that it remains available to the users. Unfortunately information security cannot be guaranteed100% by any mean or method. Therefore there is a need for standards to ensure best security practices to provide adequate level of security. ISO 27001 is one such standard, whose basic objective is to provide requirements for establishing, implementing, maintaining and continuously improving an Information Security Management System (ISMS). ISO 27001 provide complete guidance to the organization about asset management.