Definition: An Information Asset Inventory is one of the most crucial information assurance principles. Every single asset in the business or organization’s data processing infrastructure must be accounted for and listed. Included in the listing should be document serial numbers, version, location, format, description, value and any another other data set that enhances understanding. Also, each class of document should contain a security classification. It determines the level of protection the document(s) should received within the security plan. The activity is time-consuming and very detailed. Maintaining a listing of assets is a security best practice. See Paladin Information Assurance for a more detailed overview of a security plan and information assurance.
Its Relevance: Infrastructure owners must consider, “How can you protect mission critical data if you are unaware of what you have?” You can’t. That’s why the proper accounting and documentation of every critical component should be performed. Less critical assets can be given a lower priority for protection and those that are vital to the continuity of operations must be given the highest.