IT Asset inventories help your organization control IT costs, reduce risk, and automate modern IT environments.
IT Assets cannot be protected from existing or emerging threats if the personnel responsible for their protection are not aware that the assets exist within the environment. Asset inventories are also an important tool to help organizations track capital investments while reducing the likelihood of hardware theft going unrecognized. With the ASCENT Security Compliance Portal, your company will gain actionable insight into asset use, cost, and risk, all in one real-time cloud-based dashboard.
Active and passive discovery tools should be used on a regular basis to maintain and update the asset inventory. Your organization’s asset inventory elements should include the following:
- Hardware Assets
- Software Assets
- Sensitive Information
- Network Diagrams
- Storage Media
All information assets should be owned by a designated role within the organization. The inventory should be documented with the granularity deemed necessary for the tracking and reporting of assets and should be reviewed at least annually. Appropriate updates should be made during each review.
The asset inventory should be updated as an integral part of system component installations, removals, and system updates. The inventory should include all the relevant information necessary to recover from a disaster. This includes the type or classification of the asset along with the format, physical location, backup information, license information, and the importance or criticality (business value) of the asset.
To learn more about this pitfall, and 99 more, get my book: 100 Security Program Pitfalls and Prescriptions to Avoid Them (available on Amazon here). Or register for a demo of the ASECENT Security and Compliance Portal and get a free synopsis of the 100 Security Program Pitfalls eBook today.