Secure equipment repair policy and confidentiality agreement

This policy and agreement will help you define security requirements and monitor the status of equipment being repaired when your organization works with third parties to fix failed systems.

From the policy:

Summary
Organizations must frequently work with third parties to repair laptops, desktops, tablets, smartphones, servers, and other IT equipment. This policy ensures that the organization maintains regulatory and best business practice security compliance while tracking systems when they are being repaired.

Policy details
Authorized third parties that assist the organization in diagnosing and repairing servers, desktops, laptops, tablets, smartphones, and other IT equipment failures must sign a Confidentiality Agreement. It’s designed to ensure that both the organization and the third-party repair provider understand the obligations and safeguards each must undertake to protect the organization’s applications, software, email, documents, files, and other data from unauthorized access.

The Confidentiality Agreement must be executed before devices and equipment can be entrusted to a third party for troubleshooting and repair. It must also be in place before organization servers, desktops, laptops, smartphones, tablets, and other IT equipment can be transported offsite for diagnostic testing and repair or reinstallation.

If IT equipment must be returned to the manufacturer for repair, the data storage device(s) must be removed prior to the unit being shipped to the manufacturer. If the data storage device must be present in the system for testing and troubleshooting when the unit is sent offsite for repair, all organization data, files, and information must be securely removed before the unit is sent to the manufacturer. No data storage device can leave the organization’s custody without a signed Confidentiality Agreement on file from the service provider.

The IT department must track systems sent offsite for diagnostic testing, repair, and/or reinstallation using the System Repair Log. The IT director is responsible for implementing and maintaining the System Repair Logs and Confidentiality Agreements with repair providers.

Resource Details

or

* Sign up for a TechRepublic Premium subscription for $299.99/year, and download this content as well as any other content in our library. Cancel anytime. Details here.

Provided by:
TechRepublic Premium
Published:
September 14, 2016
Topic:
TechRepublic Premium
Format:
PDF
or

* Sign up for a TechRepublic Premium subscription for $299.99/year, and download this content as well as any other content in our library. Cancel anytime. Details here.

Billing Information

Payment Information

Your total Single Purchase Charges

USD $99.00
  1. USD $99.00 Subtotal
  2. USD $0.00 Tax, GST, or VAT
  3. USD $0.00 Discount

Upgrade To A Subscription And Save

Only $299.00 / year
  1. USD $299.00 Subtotal
  2. USD $0.00 Tax, GST, or VAT
  3. USD $0.00 Discount

A credit card or PayPal account is required for purchase. You will be billed the total shown above and you will receive a receipt via email once your payment is processed.

A credit card or PayPal account is required to activate your subscription. You will be billed $299.00/year and you will receive a receipt via email once your payment is processed. You may cancel your subscription with at least 10 business days notice prior to the expiration of your current subscription by accessing the Premium tab in your TechRepublic Profile and selecting "Cancel Subscription."

TechRepublic Premium is the fastest, smartest way to solve the toughest IT problems. Subscribe to access our full library of resources and gain benefits from:

Quick access to expert analysis from IT leaders, original research and surveys, comprehensive guides on hot topics, and eBooks from TechRepublic.

Ready-to-go policies and initiatives, downloadable templates and forms you can customize, and hundreds of time-saving tools, calculators and kits.