Enterprise Asset Management Policy Template

Enterprise assets consist of end-user devices, network devices, non-computing/Internet of Things (IoT) devices, and servers that exist in virtual, cloud-based, or physical environments, including those that can be connected to remotely. Enterprises often struggle to manage all these assets, as they're constantly connecting new devices to and retiring old ones from the network. Simultaneously, some enterprise assets – especially work-from-home technologies – can reappear and disappear from view. Such dynamism highlights the need for a formalized way of managing enterprise assets.

This document points to the CIS Critical Security Controls (CIS Controls) v8 as a starting point for creating an enterprise asset management policy. In particular, it uses Safeguards 1.1 and 1.2 of CIS Control 1: Inventory and Control of Enterprise Assets to create an enterprise asset management policy template. IT and security professionals can use this resource to visualize and streamline the enterprise asset lifecycle in their workplace.