subscribe: Daily Newsletter

 

ITAD policy ensures compliance, auditability and efficiency

0 comments

IT asset disposals (ITAD) and decommissioning is not only time consuming but could also be a costly exercise, especially without an effective ITAD policy in place. If not done professionally, the disposal of large quantities of IT assets could be a complicated, cumbersome task with several pitfalls.
Legislation prescribes that for example, a company with 500 computers split over three branches would require an information officer to deal with the Protection of Personal Information (PoPI) Act and at least one technician and business manager for the responsibility of each site.
Xperien CEO Wale Arewa says computer disposal could easily result in loss of information due to hard drive theft. “A decommissioning project would need to be defined to allow synchronisation between the team members and departments that require feedback of the items being disposed. This may include the finance department that requires information to allow termination of IT support payment, insurance payments and removal from the asset register.”
He says there are several options to consider. “Is it necessary to send all assets to a centralised location before the hard drive information is sanitised ? If one chooses to centralise, then secure logistics will play a major role in compliance to PoPI.”
How does one choose a logistics partner that will ensure hard drives are not stolen during transit and does one have enough volume of businesses to benefit from the economies of scale? This would require warehousing and the general rule is, less warehouse equals less shortages.
“Unfortunately in our society, warehouse staff are blue collar workers and this presents a challenge when hard drives can be removed from a computer without detection. The storing of decommissioned system must be kept to minimum,” he explains.
One also needs to determine whether the assets will be recycled or donated. This is a process that is extremely cumbersome and it is not simply about deciding on either process. With donations, one needs to comply with the Consumer Protection Act 68 of 2008.
The Act prescribes that even though a company is donating equipment, the recipient is entitled to equipment that is in proper working condition as well as a warranty. Alternatively, should one choose to recycle the item, the selection of a partner that understands the environmental risk is essential, especially considering that the liability is not easily transferable.
Arewa says customers can offset the cost of a secure IT asset-disposition program by realising its potential savings. “Retire your technology assets wisely by finding a third-party specialist with deep experience in secure IT asset disposition.”
“This trusted partner can help you find the metrics to convey a secure-asset disposition plan’s ROI to budget-minded superiors. And once the job is under way, your partner will provide complete documentation of the disposal process. You’ll rest assured that security regulations are being met,” he concludes.