The asset management process maintains an up-to-date database of all assets belonging to an organization.
The process is also responsible for the life cycles of these assets.
In the context of information technology, an asset can be a physical device (e.g. a server), but it can also be non-physical (like for example a software).
It is very important that an organization always knows which kinds of assets it currently possesses.
The default asset management process of the Cybermain Governance Platform has multiple paths and covers adding of new assets.
The process starts with a question to an user that has the role of an Asset-Manager
ar by an user that has the role of an Change-Manager
The first step is a question-step figuring out if the new asset is hardware, software or uncategorized.
If the new asset is hardware, the next step (left path) requests the Asset-Manager to enter information into a pre-defined table.
Columns of this table are the name of the asset, the producer, the owner, the location, the IP address (if available) and certain other detailed information.
Finally, the Asset-Manager needs to upload document about the asset (PDF, e.g. the specifications) and the path is finished.
If the new asset is software, the next step (path in the middle) requests the Asset-Manager to enter information into a pre-defined table.
Columns of this table are the name of the asset, the producer, the number of planned installations, the support contact and certain information about licensing.
Subsequently, a document about this new asset needs to be uploaded (PDF, e.g. the user manual).
In the last step, the Vulnerability-Manager of the organization is informed about the new software component.
If the new asset is neither hardware or software (right path), a free text-based description needs to be entered by the Asset-Manager.
Subsequently, the upload of a document about the asset is required (PDF) and there is another question-step asking the Asset-Manager to estimate potential risks of this asset.
If this asset might cause any risks to the organization, the Risk-Manager of the organization is informed and needs to upload a risk-analysis in the next step.
Finally, the Change-Manager of the organization is informed about the asset.
You can sign-up
for free or contact us
if you have any questions.