💼 ID.AM-07: Inventories of data and corresponding metadata for designated data types are maintained
- ID:
/frameworks/nist-csf-v2.0/id-am/07
Description
- Maintain a list of the designated data types of interest (e.g., personally identifiable information, protected health information, financial account numbers, organization intellectual property, operational technology data)
- Continuously discover and analyze ad hoc data to identify new instances of designated data types
- Assign data classifications to designated data types through tags or labels
- Track the provenance, data owner, and geolocation of each instance of designated data types
Similar
- Sections
/frameworks/nist-csf-v1.1/id-am/05/frameworks/nist-sp-800-53-r5/cm/12/frameworks/nist-sp-800-53-r5/cm/13/frameworks/nist-sp-800-53-r5/si/12
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 ID.AM-5: Resources (e.g., hardware, devices, data, time, personnel, and software) are prioritized based on their classification, criticality, and business value | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-12 Information Location | 1 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-13 Data Action Mapping | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-12 Information Management and Retention | 3 | 5 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (5)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS Backup Vault contains unencrypted Recovery Points🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS DynamoDB Table Point In Time Recovery is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS ElastiCache Redis Cluster automatic backups are not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS RDS Instance automated backups are not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS S3 Bucket Versioning is not enabled🟢 | 1 | 🟢 x6 | no data |