Asset Management - Asset Discovery Coverage
Description
Using our scanning tools, we identify systems that may exist in the environment that may not have been recorded in the asset management system.
| Attribute |
Value |
| Metric id |
am_known_assets |
| Category |
Asset Management |
| SLO |
90.00% - 95.00% |
| Weight |
0.5 |
| Type |
 |
References
| Framework |
Ref |
Domain |
Control |
| ISO 27001:2022 |
A.5.9 |
5 Organizational controls |
Inventory of information and other associated assets |
| CIS 8.1 |
1.1 |
Inventory and Control of Enterprise Assets |
Establish and Maintain Detailed Enterprise Asset Inventory |
| NIST CSF v2.0 |
ID.AM-01 |
Asset Management (ID.AM) |
ID.AM-01: Inventories of hardware managed by the organization are maintained |
| Essential8-ML1 |
ISM-1807 |
Patch applications |
An automated method of asset discovery is used at least fortnightly to support the detection of assets for subsequent vulnerability scanning activities. |
| Essential8-ML2 |
ISM-1807 |
Patch applications |
An automated method of asset discovery is used at least fortnightly to support the detection of assets for subsequent vulnerability scanning activities. |
| Essential8-ML3 |
ISM-1807 |
Patch applications |
An automated method of asset discovery is used at least fortnightly to support the detection of assets for subsequent vulnerability scanning activities. |
| Essential8-ML1 |
ISM-1807 |
Patch operating systems |
An automated method of asset discovery is used at least fortnightly to support the detection of assets for subsequent vulnerability scanning activities. |
| Essential8-ML2 |
ISM-1807 |
Patch operating systems |
An automated method of asset discovery is used at least fortnightly to support the detection of assets for subsequent vulnerability scanning activities. |
| Essential8-ML3 |
ISM-1807 |
Patch operating systems |
An automated method of asset discovery is used at least fortnightly to support the detection of assets for subsequent vulnerability scanning activities. |