Identification of Organisational Assets
1. Definition of Asset
A component within an organization that has value contributes to business operations (Goh, 2008a) or the operational mission of the business units. Therefore, an appropriate level of protection for the assets within an organization is warranted. Such assets include:
- Employees;
- Information/Data;
- Facilities/ Equipment;
- Documents/Publications;
- Infrastructure;
- Goodwill
- Finances; and
- Organizational Image.
2. Identifying Information Assets
An Information Asset is organized information that is valuable to those who need it. It needs to be assessed easily. Information Assets comprise a wide range of products, services, and process information and are identified in Figure 6-2. Information Assets can be categorized as:
- Data and information;
- Network;
- Hardware; and
- Software and application.
Figure 1: Types of Information Assets
Figure 2: Examples of Each Type of Information Asset
An organization must identify what it is they are trying to protect from the influence of cybercriminals.
Do You Want to Continue BCM Training onsite or online?
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis 6.5 Identification of Organisational Assets
Note: This version was the draft 2nd Edition being updated by 2023. The numeric in the square bracket [X.X] cross-refers to the actual chapter and section in the 1st Edition.