Cybersecurity Asset Management | IT Security Risk Manager

IT Asset Management

The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to business objectives and the organization’s risk strategy.

This exercise aids in determining priorities for organizational information systems and subsequently applying appropriate measures to adequately protect the organizational missions and business functions supported by those missions. The security controls applied to a particular information system should be commensurate with the potential impact on organizational operations and assets, individuals, or other organizations should there be a loss of confidentiality, integrity, or availability.

What Does It Mean?

1: Physical devices and systems within the organization are inventoried.

2: Software platforms and applications within the organization are inventoried.

3: Organizational communication and data flows are mapped.

4: External information systems are catalogued.

5: Resources (e.g., hardware, devices, data, and software) are prioritized based on their classification, criticality, and business value.

6: Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established.

Asset Inventory Spreadsheet

Lacking an asset inventory, here is a free spreadsheet to get you started in tracking and categorizing your IT assets!

NIST Guidance

IT Asset Management – Approach, Architecture, and Security Characteristics

Change Management Log

Are you still struggling with change management, here is a free tracking log to help get you started in the right direction!

Program Implementation Support

Are you looking for a partner to help develop industry best practices into your security program?Leading security professionals with the experience and professionalism you desire are at your fingertips.

Contact us today and let us know how we can be of service!

Contact Us

Information Systems

October 27, 2015Asset Management1 comment

At present, the great majority of organizations are subjected to a variety of external and internal security threats, like the manipulation as well as theft of information...