IT Asset Management

The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to business objectives and the organization?s risk strategy.

This exercise aids in determining priorities for organizational information systems and subsequently applying appropriate measures to adequately protect the organizational missions and business functions supported by those missions. The security controls applied to a particular information system should be commensurate with the potential impact on organizational operations and assets, individuals, or other organizations should there be a loss of confidentiality, integrity, or availability.

What Does It Mean?

1: Physical devices and systems within the organization are inventoried.

2: Software platforms and applications within the organization are inventoried.

3: Organizational communication and data flows are mapped.

4: External information systems are catalogued.

5: Resources (e.g., hardware, devices, data, and software) are prioritized based on their classification, criticality, and business value.

6: Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established.

Asset Inventory Spreadsheet

Lacking an asset inventory, here is a free spreadsheet to get you started in tracking and categorizing your IT assets!

NIST Guidance

IT Asset Management – Approach, Architecture, and Security Characteristics

Change Management Log

Are you still struggling with change management, here is a free tracking log to help get you started in the right direction!

Program Implementation Support

Are you looking for a partner to help develop industry best practices into your security program?Leading security professionals with the experience and professionalism you desire are at your fingertips.

Contact us today and let us know how we can be of service!

Contact Us

HITRUST Certification vs HIPAA: What you Need to Know

September 19, 2021BlogNo Comments

What is the difference between HITRUST Certifications and conducting a HIPAA Risk Assessment? Join us in today’s video as we…

Why Do Businesses Need an Incident Response Plan?

September 16, 2021BlogNo Comments

Join us in today’s video as we show you Why Do Businesses Need an Incident Response Plan? An incident response…

Vulnerability Assessment vs. Penetration Testing: What’s the Difference?

September 15, 2021BlogNo Comments

Understand the difference between conducting an annual penetration test, compared to completing a monthly vulnerability assessment in your IT environment….

Healthcare Cyber Security Trends: What You Need to Know Now and Going Forward

September 10, 2021BlogNo Comments

Healthcare Cyber Security Trends: What You Need to Know To Schedule Your Next Enterprise Security Risk Assessment Please Contact Your…