Please enable JavaScript.
Coggle requires JavaScript to display documents.
Domain 2 Asset Security 10% - Coggle Diagram
Domain 2 Asset Security 10%
2.1 Identify and classify information and assets
Data classification
Asset Classification
2.2 Establish information and asset handling requirements
2.3 Provision resources securely
Information and asset ownership
Asset inventory (e.g., tangible, intangible)
Asset management
2.4 Manage data lifecycle
Data roles (i.e., owners, controllers, custodians,
processors, users/subjects)
Data collection
Data location
Data maintenance
Data retention
Data remanence
Data destruction
2.5 Ensure appropriate asset retention (e.g., End-of-Life (EOL), End-of-Support (EOS))
2.6 Determine data security controls and compliance requirements
Data states (e.g., in use, in transit, at rest)
Scoping and tailoring
Standards selection
Data protection methods (e.g., Digital Rights Management (DRM), Data Loss Prevention (DLP),
Cloud Access Security Broker (CASB))