It seems like a simple question. However, asset identification is an in-depth process that determines what assets you have, how valuable they are and what level of security is required to protect them. This means looking at all aspects of your organization and understanding how they function independently and together.
How to start an asset evaluation:
Step 1: Assemble key stakeholders
One of the most important components of an enterprise security program is categorizing your assets and assigning priority levels. It takes a team to understand every part of an organization. You need access to managers or directors throughout the business. These are the people who can educate you on the business intricacies, explain what is mission critical to their respective areas and flag threats.
Step 2: Take inventory
Buildings, equipment, inventory and people are fairly easy to identify as assets, but a thorough assessment means looking beyond the obvious. Assets like communications, information and transportation networks as well as building systems and intellectual property also need to be included.
Step 3: Asset Valuation
After your team has surveyed and mapped out all of the organizational assets, the next exercise is to assign values. In order to take into account a number of key elements crucial to determining value, try asking the following key questions to help prioritize assets and the needed level of security to protect them.
- How old are the assets?
- How long will it take to replace?
- What is the replacement cost?
- Have you factored in standard depreciation? (usually 3-5 year lifecycles)
- What is the full impact of the loss or partial loss of the asset?
- How will the asset loss affect other aspects of the organization?
Performing an asset survey is time consuming, but well worth the resource expenditure since it's one of the most basic steps to protecting your organization. When paired together, an asset evaluation, a needs assessment and a transition plan, provide a holistic view of the security program and unveil a vision for a true path forward.
Experienced security integrators expedite the process
Security 101 professionals have worked with several different organizations to expedite the process. They know where to look for hidden assets and how to put a value on them. Most importantly, they know how to create an enterprise security program that mitigates vulnerabilities.