1.5: Maintain Asset Inventory Information

Ensure that the hardware asset inventory records the network address, hardware address, machine name, data asset owner, and department for each asset and whether the hardware asset has been approved to connect to the network.

Asset Type	Security Function	Implementation Groups
Devices	Identify	2, 3

Dependencies

• Sub-control 1.4: Maintain Detailed Asset Inventory

Inputs

1. Detailed endpoint inventory

Operations

1. For each endpoint, identify detailed information, such as:

   • Network Address

   • Hardware Address (applies to virtual endpoints)

   • Machine name

   • Data asset owner

   • Assigned department

2. Identify endpoints with all detailed information identified

3. For each endpoint, identify network connection approval

Measures

• M1 = List of endpoints in inventory

• M2 = Count of M1

• M3 = List of endpoints with network connection approval

• M4 = Count of M3

• M5 = List of endpoints with all detailed information

• M6 = Count of M5

Metrics

Endpoint Inventory Quality

Metric	The ratio of endpoints with all detailed information to the total number of inventoried endpoints
Calculation	M6 / M2

Endpoint Inventory Authorization Quality

Metric	The ratio of endpoints with approval to connect to the network
Calculation	M4 / M2