CHAPTER 10
Asset Management
The fundamental objective of an information assurance management program is to protect the confidentiality, integrity, and availability of an organization’s assets throughout the life cycle in accordance with the MSR model. A best-practice security risk assessment exercise begins with an identification of the assets, followed by an evaluation of the asset sensitivity and criticality. This ensures that asset protection is proportional to the asset value.
In Chapter 2, when discussing the IAMS, we noted that each information asset has its life cycle. At any stage of the life cycle, the asset is constantly at risk. In fact, asset management is among the early activities in the IAMS.
This chapter explores the broad area ...
Get Information Assurance Handbook: Effective Computer Security and Risk Management Strategies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.