The importance of having an Asset List

6 Sep

In July I attended and presented at the East Midlands Cyber Security Conference and Expo, at the National Space Centre in Leicester.

Asset List blog2In their presentations, Derbyshire’s Assistant Chief Constable –  Martyn Bates, Del Heppenstall – Director, KPMG, and Christian Toon – Cyber Security Specialist, PricewaterhouseCoopers LLP all mentioned in one way or the other the importance of maintaining an asset list.

In my presentation on Implementing Cyber Essentials, I also observed that while not a specific requirement of Cyber Essentials, in practice you will find it hard to manage a certified environment unless you have a good view of the complete list of assets.

If we take a look at the ISO 27001 standard for information security management systems, Section A 8.1.1 declares “Assets associated with information and information processing facilities shall be identified and an inventory of these assets shall be drawn up and maintained”.

So the evidence seems conclusive, if you care about security in your business, you really must make an asset list. Without one, how can you be sure the asset is suitably protected?

Please join the discussion, we welcome your views...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: