IT Inventory Standard

1 PURPOSE 

The purpose of this standard is to establish a set of guidelines and procedures for the management, tracking, and maintenance of information technology (IT) inventory within the university. Effective IT inventory management is essential to ensure efficient use of resources, security, compliance, and continuity of IT services.


2 SCOPE 

This standard applies to all Â̾ÞÈËÊÓƵ Â̾ÞÈËÊÓƵ staff, faculty, students, affiliates, contractors, and third-party service providers who handle university data and information systems


3 STANDARD 

3.1 Asset Identification and Labeling

Each IT asset must be cataloged and when possible, assigned a unique identification number or barcode. Assets should be labeled clearly with this identifier for easy tracking and management.

3.2 Documentation

Maintain an accurate and up-to-date inventory database or management system. Include essential information for each asset, such as asset type, manufacturer, model, serial number, purchase date, warranty status, location, and assigned user.

3.3 Procurement and Acquisition

All IT purchases must adhere to the university's procurement policies and procedures. Document all purchase transactions and ensure proper approvals are obtained.

3.4 Asset Tracking

Conduct regular physical and digital audits to verify the existence and status of IT assets. Update the inventory database promptly to reflect changes, such as new acquisitions, movements, disposals, or upgrades.

3.5 Asset Lifecycle Management

Implement a lifecycle management strategy for IT assets, including maintenance schedules, upgrades, and end-of-life procedures. Dispose of outdated or non-functional assets in compliance with university and environmental regulations.

3.6 Security Measures

Protect IT assets from theft, damage, or unauthorized access. Implement access controls, surveillance, and physical security measures, as necessary

3.7 Software and Licensing

Maintain an inventory of software licenses and ensure compliance with licensing agreements. Regularly audit software installations to verify license usage.

3.8 Backup and Recovery

Implement backup and disaster recovery plans for critical IT assets and data. Test and update these plans regularly to ensure they remain effective.

3.9Ìý¸é±ð±è´Ç°ù³Ù¾±²Ô²µ

Generate and distribute regular reports on IT inventory status, including asset utilization, maintenance, and compliance with relevant policies and standards.

3.10 Training and Awareness

Provide training and awareness programs for personnel involved in IT inventory management. Ensure they understand their responsibilities and follow best practices

3.11 Disposal and Recycling

Dispose of outdated or obsolete IT assets in an environmentally responsible manner. Ensure data destruction is carried out securely, following established procedures

3.12 Compliance and Auditing

Conduct periodic audits to verify compliance with this standard. Address any identified non-compliance issues promptly.

3.13 Standard Naming Convention

Naming convention ensures the integrity of our hardware asset database by uniquely identifying each device and avoiding duplication, particularly when devices are reused across different locations. Duplicate records caused by similar names or reused locations can create confusion about which device requires support, resulting in delayed responses and inefficiencies.

What is the Standard Naming Convention?

For Computing Devices

The standard format for naming computing devices at Â̾ÞÈËÊÓƵ is:
[First Initial of Institution's Name] - [Device Serial Number]

Examples of Correct Computer Names:

  • UNH & USNH Systems Office: U-1AB234C
  • PSU: P-1AB234C
  • KSC: K-1AB234C

For Servers

The standard format for naming servers at Â̾ÞÈËÊÓƵ is:
[First Initial of Institution's Name] [Operating System Initial] [Tier Initial] - [Application Name (Max 8 characters)] - [Instance Number]

  • Institution Initials:
    • K – KSC
    • P – PSU
    • U – UNH and USNH Systems Office
  • Operating System Initials:
    • W – Windows
    • X – Linux/Unix
    • O – Other
  • Tier Initials:
    • D – Development
    • T – Test
    • P – Production
    • U – Upgrade

Examples of Correct Server Names:

  • UNH & USNH Systems Office: UWP-SKYNET-01
  • PSU: PXT-SKYNET-02
  • KSC: KOU-SKYNET-03

Important Guidelines

  • Devices must not be named using other conventions, including location information, user names, usage identifiers (e.g., "loaner"), or instrument names.
  • Location details should be stored within the hardware asset record for each device, not as part of the device name.

Following this naming standard ensures clear device identification, minimizes confusion, and supports timely and efficient IT assistance.


DOCUMENT HISTORY 

  • Approved by: Thomas Nudd, CISO
  • Reviewed by: Dr. David A Yasenchock, Director, Cybersecurity GRC
  • Revision History: V 1.0
    • Revised formatting, K SWEENEY, 30 MAY 2024
    • Added section 3.13, C GREBLOSKI, December 17, 2024