Get this Security+ CertiGuide for your own computer.
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 5:  Operational/Organizational Security (Domain 5.0; 15%)
      9  5.7  Risk Identification

Previous Topic/Section
5.7  Risk Identification
Previous Page
Pages in Current Topic/Section
1
Next Page
5.7.2  Risk Assessment
Next Topic/Section

5.7.1  Asset Identification

Before you can analyze risks, you need to know what you have to lose. In order to know that, you have to identify your organization’s assets.

Assets can be physical (or tangible) or intangible. In the physical world, Asset Identification can involve tagging each physical asset with a physical label (frequently with a bar code) or a tag with RFID (Radio Frequency IDentification) that derives its power from the reader, therefore not requiring a power source at the tag (which is how the exits work at some retail stores).

It is useful for inventory purposes to tag each asset with a unique number. The unique ID number makes it easy to maintain a database listing each asset, purchase information, description and location. Particularly when bar-code or electronic tags are used, asset tagging simplifies the process of conducting a periodic inventory of assets, where teams of asset control personnel manually go through an office recording the assets located there. Generally the value of physical assets can be estimated, often by starting with the item’s purchase price and then applying depreciation rules.

Intangible assets include information (such as the contents of databases), company goodwill and reputation (which might be damaged by an extended web site outage or defacement), etc. It may be difficult or impossible to accurately identify the value of intangible assets.

An important thing to note about assets of an “information age” company filled with knowledge workers is that the intangible information stored on a server may have a value far exceeding the value of the physical server itself. This is almost certainly the case in any software company and many e-commerce companies as well.


Previous Topic/Section
5.7  Risk Identification
Previous Page
Pages in Current Topic/Section
1
Next Page
5.7.2  Risk Assessment
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.