JSA

Asset Management Policy

2024
 JSA - Information Labeling and Handling Policy

The Firm
JSA is a leading national law firm in India. We are over 450
professionals operating out of our 7 offices: Ahmedabad,
Bengaluru, Chennai, Gurugram, Hyderabad, Mumbai and New
Delhi. For over 30 years we have provided legal
representation, advice and services to leading international
and domestic businesses, banks, financial services providers,
funds, governmental and statutory authorities, and multilateral
and bilateral institutions. We are recognised as the Indian law
firm that led and continues to lead in India a paradigm shift
towards institutionalising and professionalising law firm
ownership and management. This contemporary and modern
approach is reflected in our work.

CLASSIFICATION: INTERNAL
This document is the sole property of JSA. Any use or duplication of this document without express
permission of JSA is strictly forbidden and illegal.

Copyright © JSA | all rights reserved 2

 JSA - Information Labeling and Handling Policy

Document Information

Version: 1.0
Document Creation Date: September 22nd,2017
Classification Internal

Document Distribution list

This table serves the purpose to record and track the document distribution.
Date Version Author

September22nd,2017 1.0 Mandeep Kaur

Valid From September22nd,2017 Replaces previous releases, if any.

Published by J. Sagar Associates Valid Till Reissued.
All Rights Reserved.

Modification History
Description of Change Date of Change Version No.

1 First draft for review September 22nd,2017 1.0

2 Second draft for review December 13th, 2017 1.1
3 Third draft for review March 1st, 2018 1.2
4 Fourth draft for review May 29th, 2018 1.3
5 Fifth draft for review January 27th, 2019 1.4
6 Approved by ExCom May 2nd, 2019 1.4
7 Yearly Review October 16th, 2020 1.4
8 Yearly Review November 9th, 2021 1.4
9 Updated as per ISO 27001: 2022 Standards January 2023 2.0

10 Yearly Review March 29,2024 2.0

Copyright © JSA | all rights reserved 3

 JSA - Information Labeling and Handling Policy

Copyright © JSA | all rights reserved 4

 JSA - Information Labeling and Handling Policy

Contents
The Firm 2
Document Information 3
Scope 5
Policy Statement 5
Purpose 5
Policy Sections and clauses 5
Enforcement 6
Special situations and exceptions 7
References 7

Copyright © JSA | all rights reserved 5

 JSA - Information Labeling and Handling Policy

Scope
This Asset Management Policy is applicable to all usage of the information systems and
computing resources of JSA.

Policy Statement
All information systems and computing resources of JSA shall be inventoried with necessary
details, which shall, amongst others, include the owners of such information systems and
computing resources. Information security shall be maintained across the lifecycle of an asset.

Purpose
This policy is designed to protect JSA’s IT hardware/software resources and information assets
by establishing a policy for asset management and controlled usage.

Policy Sections and clauses

General Usage and Ownership
 Safeguarding of JSA’s information assets shall be the responsibility of each user.

 All users are responsible for the protection, privacy, and control of all data, regardless of the
data storage medium.
 Users are responsible for understanding the meaning and purpose of the data to which they
have access and may use this data only to support the normal functions of the users’
administrative and official duties.
 Users are responsible for all transactions occurring under his/her user id and/or password.
Unless specific authorization has been sought, passwords and user ids should not be shared
with anyone under any circumstances.
 Rules, procedures, and agreements to protect the information in transit from JSAs should
reflect the classification of the information involved. Where information is transferred
between the JSA and third parties, transfer agreements (including recipient authentication)
should be established and maintained to protect the information in all forms in transit.

Copyright © JSA | all rights reserved 6

 JSA - Information Labeling and Handling Policy

Tracking of Assets
 Material Inward/Outward register shall be maintained to track the movement of assets (other
than JSA’s IT hardware equipment which are specifically allotted to the employees/attorneys
for discharging their day-to-day duties) in and out of the organization.
 All assets shall be maintained in the asset inventory.
 Assets will be maintained with the description of the assets, the owner of the assets.
 All assets must have an ID/serial number. Either an internal tracking number will be assigned
when the asset is acquired, or the Manufacturer ID numbers shall be used.
 When an asset is acquired, an ID will be assigned for the asset and its information shall be
entered in the asset register.
 prevention against sending documents and messages in communications to the wrong
address or number.

Asset Disposal
 Sensitive data stored in assets should be removed prior to their disposal.

 The user of the asset must determine what level of maximum sensitivity of data is stored on
the device like hard disk drives and below is listed the action for the device based on data
sensitivity according to the data assessment process.
 None (Public) - No requirement to erase data but in the interest of prudence normally
erase the data using any means such as reformatting or degaussing.
 Low (Internal) - Erase the data using any means such as reformatting or degaussing.
 Medium and High (Confidential and Restricted) - The data must be erased with an
approval from the data owner/IT Manager (Systems) to make sure it is not readable using
special latest techniques like Kill Disk.
 Asset disposal form should be documented and retained in case of any asset disposals

Enforcement
Necessary disciplinary action will be taken against any employee / attorney not following the
policies and procedures laid down by the firm. Additionally, action will be taken against those
employee / attorneys who encourage /observe such activities and do not report the same to
the concerned authority. Any employee / attorney found to have violated this policy may be
subject to disciplinary action, up to and including termination of employment / retainership as
per JSA HR policies.

Special situations and exceptions

Copyright © JSA | all rights reserved 7
 JSA - Information Labeling and Handling Policy

JSA’s executive committee, Indian government or any other regulatory body or norms thereof
may override JSA’s policies / procedures at any time..

References
A.8.1 - ISO 27001:2022

Copyright © JSA | all rights reserved 8

 Ahmedabad | Bengaluru | Chennai | Gurugram | Hyderabad | Mumbai | New Delhi

This document is not an advertisement or any form of solicitation and must not be construed as such.
This document has been prepared for general information purposes only. Any onward distribution of
this document must be with the prior consent of JSA. Trademarks, logos or names of any third persons
used in this proposal are for representation purposes only and JSA does not have any ownership rights
in such trademarks, logos or names. JSA disclaims all and any liability to any person who takes any
decision based on this document.
Copyright © JSA | all rights reserved