Episode 28 — A.5.11–5.12 — Return of assets; Classification of information

A.5.11 mandates that employees, contractors, and third parties return all organizational assets upon termination or change of role. For the exam, highlight that “assets” include devices, credentials, tokens, documents, and data copies in cloud storage or personal devices. The control reduces exposure by ensuring that access and material are promptly reclaimed, logged, and sanitized. A.5.12 requires a classification scheme for information based on value, sensitivity, and legal or contractual obligations, typically defining labels and handling rules. Classification enables proportional controls for confidentiality, integrity, and availability across the information lifecycle and is foundational to encryption, DLP, retention, and sharing decisions.

Operationalizing return-of-assets involves coordinated offboarding checklists across HR, IT, Security, and Procurement, with time-bound steps for account disablement, token revocation, and media return. Device collection includes verifying inventory IDs, wiping data to approved standards, and updating records to close custody. Classification programs define few, memorable levels (for example, Public, Internal, Confidential, Restricted) with handling rules that are concrete and automatable. Pitfalls include partial offboarding for contractors, overlooked cloud shares, and classification tags that are too granular to use. Mature organizations embed classification in document templates, data catalogs, and automated labelling in collaboration suites; they measure offboarding SLA compliance and mislabeling rates discovered by DLP. Candidates should tie these controls to evidence: offboarding tickets, access recertification snapshots, classification policy matrices, and sampling that demonstrates consistent handling in email, storage, and backups. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.