Asset management is the term used for identifying, tracking and defining ownership of information security related assets.
Information security assets can be split into a number of different categories:
Assets that should be logged are those which are relevant to the lifecycle of information, which includes; creation, processing, storage, transmission deletion and destruction.
It is very important that the asset registers are regularly reviewed to ensure that they are kept up to date. By assigning ownership at the earliest stage you can ensure that the correct assets are logged, classified, protected, and correctly handled for destruction/deletion.
When constructing an asset inventory you should ensure it contains sufficient information to identify the asset (type or category of asset, make or manufacturer, model, serial number), identifies the physical (or logical) location of the asset, information security classification of each asset, the purchase cost/current written down value/insurance value/all three for each asset, and the security processes or controls (including access controls, backups, etc.) associated with each asset.
One of the benefits to maintaining an up to date inventory of assets is that will facilitate a good regime for vulnerability, patching and change management.
Talk with an Expert
Speak with a solutions expert or architect. Give us a call or leave a message. Our team is ready for your business.