💼 ID.AM-07: Inventories of data and corresponding metadata for designated data types are maintained

• Contextual name: 💼 ID.AM-07: Inventories of data and corresponding metadata for designated data types are maintained
• ID: /frameworks/nist-csf-v2.0/id-am/07
• Located in: 💼 Asset Management (ID.AM)

Description

1. Maintain a list of the designated data types of interest (e.g., personally identifiable information, protected health information, financial account numbers, organization intellectual property, operational technology data)
2. Continuously discover and analyze ad hoc data to identify new instances of designated data types
3. Assign data classifications to designated data types through tags or labels
4. Track the provenance, data owner, and geolocation of each instance of designated data types

Similar

• Sections
  • /frameworks/nist-csf-v1.1/id-am/05
  • /frameworks/nist-sp-800-53-r5/cm/12
  • /frameworks/nist-sp-800-53-r5/cm/13
  • /frameworks/nist-sp-800-53-r5/si/12

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 ID.AM-5: Resources (e.g., hardware, devices, data, time, personnel, and software) are prioritized based on their classification, criticality, and business value
💼 NIST SP 800-53 Revision 5 → 💼 CM-12 Information Location	1
💼 NIST SP 800-53 Revision 5 → 💼 CM-13 Data Action Mapping
💼 NIST SP 800-53 Revision 5 → 💼 SI-12 Information Management and Retention	3		2

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (2)

Policy	Logic Count	Flags
📝 AWS Backup Vault contains unencrypted Recovery Points 🟢	1	🟢 x6
📝 AWS DynamoDB Table Point In Time Recovery is not enabled 🟢	1	🟢 x6