Erwägungsgrund 25
The granularity of the asset inventory should be appropriate for the needs of the relevant entities. A comprehensive asset inventory should include, for each asset, at least a unique identifier, the owner of the asset, a description of the asset, the location of the asset, the type of asset, the type and classification of information processed in the asset, the date of last update or patch of the asset, the classification of the asset under the risk assessment, and the end of life of the asset. When identifying the owner of an asset, the relevant entities should also identify the person responsible for protecting said asset. Types of assets can be software, hardware, services, facilities, heating, ventilation and air conditioning systems, patents, copyrights, or physical records.
Navigieren Sie sicher durch die NIS2-Richtlinie!
Holen Sie sich den NIS2-Umsetzungs-Fahrplan und unseren Newsletter!