What is ISO 27001 Asset Inventory?
The asset inventory includes all the assets that exist within the scope. The scope statement typically includes all underlying assets which may include people, networks, cables, facilities, hardware, software, etc. These assets collect, store, access and distribute information within the scope. Thus, we must assess the risk to these assets and apply appropriate controls to mitigate the risk. The asset inventory also tells us where to apply controls including the asset owner and location.
