Please enable JavaScript.
Coggle requires JavaScript to display documents.
Information Asset Register (Other examples of Information assets…
Information Asset Register
Definitions and clarifications
List of customers
Sets of files - eg claims files
An information asset is
a body of knowledge that is organized and managed as a single entity
. Like any other corporate asset, an organization's information assets have financial value.
(
https://whatis.techtarget.com/definition/information-assets
)
databases
An information asset register is used to record and manage information assets. It will enable the
identification and management of the risk
posed to them. It will also
inform the implementation of any controls
used to mitigate the vulnerabilities.
If the organisation (particularly the security team) does not fully understand the types of information it holds, as well as the purpose for which it is held, then it will be difficult to protect it from external attack or internally generated compromise. It will also be difficult for the business to fully exploit the same asset.
public examples of meta-data / attributes
Name of asset
What does it do?
Location
Owner
Volume
Personal data
Access
Shared
Format
Retention Risks / impact
Key asset
Directorate
Name
Description
Purpose
Protective Marking
Other examples of Information assets
Strategies
Products and Services
Trade Secrets
Projects
Training Materials
Marketing Media
Sales Collateral
Customer Lists
Operations [... processes and procedures documentation]
Organisational Culture [ ... stories, visual symbols, principles / values etc]
Legal and compliance documents
Research and development [documents]
