๐ผ Asset Management (ID.AM)
- Contextual name: ๐ผ Asset Management (ID.AM)
- ID:
/frameworks/nist-csf-v1.1/id-am
- Located in: ๐ผ NIST CSF v1.1
Descriptionโ
The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to organizational objectives and the organization's risk strategy.
Similarโ
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
| ๐ผ ID.AM-1: Physical devices and systems within the organization are inventoried | | | 2 | |
| ๐ผ ID.AM-2: Software platforms and applications within the organization are inventoried | | 4 | 6 | |
| ๐ผ ID.AM-3: Organizational communication and data flows are mapped | | 3 | 3 | |
| ๐ผ ID.AM-4: External information systems are catalogued | | | | |
| ๐ผ ID.AM-5: Resources (e.g., hardware, devices, data, time, personnel, and software) are prioritized based on their classification, criticality, and business value | | | | |
| ๐ผ ID.AM-6: Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established | | | | |