Cybersecurity Series
Cyber Security_Blog_with Book

CIR RAR-BIA Identification of Organisational Assets

A component within an organization that has value contributes to business operations or the operational mission of the business units.

Therefore, an appropriate level of protection for the assets within an organization is warranted.

Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis 6.5 Identification of Organisational Assets

Moh Heng Goh

Identification of Organisational Assets

C6 CIR Organisational Assets

1. Definition of Asset

A component within an organization that has value contributes to business operations (Goh, 2008a) or the operational mission of the business units. Therefore, an appropriate level of protection for the assets within an organization is warranted. Such assets include:

  • Employees;
  • Information/Data;
  • Facilities/ Equipment;
  • Documents/Publications;
  • Infrastructure;
  • Goodwill
  • Finances; and
  • Organizational Image.

2. Identifying Information Assets

Information Assets_v2An Information Asset is organized information that is valuable to those who need it. It needs to be assessed easily. Information Assets comprise a wide range of products, services, and process information and are identified in Figure 6-2. Information Assets can be categorized as:

  • Data and information;
  • Network;
  • Hardware; and
  • Software and application.

 

  

Figure 1: Types of Information Assets

Information Assets 2_v2

Figure 2: Examples of Each Type of Information Asset

An organization must identify what it is they are trying to protect from the influence of cybercriminals. 

Figure 1 and 2 concentrate explicitly on identifying information assets since the key is to focus on managing cyber security incidents affecting these assets.

The list of information assets is non-exhaustive; the amount and type of information assets depend on what an organization’s business functions would require.

C6 CIR RAR and BIA Process
  Back To

 

 


BCMI Logo

Do You Want to Continue BCM Training onsite or online?

Competency-based Course
Certification Course
New call-to-action New call-to-action [BL-3-Catalog] What Specialist Level Blended Learning Courses that are Available? [BL-5-Catalog] What Expert Level Blended Learning Courses that are Available?

A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 6 Risk Analysis and Review and Business Impact Analysis 6.5 Identification of Organisational Assets

Note: This version was the draft 2nd Edition being updated by 2023. The numeric in the square bracket [X.X] cross-refers to the actual chapter and section in the 1st Edition.

 

Comments:

 

More Posts

New Call-to-action