5.7.1 Asset Identification
Before you can analyze risks, you need to know what you have to lose. In order to know that, you have to identify your organizations assets.
Assets can be physical (or tangible) or intangible. In the physical world, Asset Identification can involve tagging each physical asset with a physical label (frequently with a bar code) or a tag with RFID (Radio Frequency IDentification) that derives its power from the reader, therefore not requiring a power source at the tag (which is how the exits work at some retail stores).
It is useful for inventory purposes to tag each asset with a unique number. The unique ID number makes it easy to maintain a database listing each asset, purchase information, description and location. Particularly when bar-code or electronic tags are used, asset tagging simplifies the process of conducting a periodic inventory of assets, where teams of asset control personnel manually go through an office recording the assets located there. Generally the value of physical assets can be estimated, often by starting with the items purchase price and then applying depreciation rules.
Intangible assets include information (such as the contents of databases), company goodwill and reputation (which might be damaged by an extended web site outage or defacement), etc. It may be difficult or impossible to accurately identify the value of intangible assets.
An important thing to note about assets of an information age company filled with knowledge workers is that the intangible information stored on a server may have a value far exceeding the value of the physical server itself. This is almost certainly the case in any software company and many e-commerce companies as well.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.