Software Asset Management Policy Template for CIS Control 2

Software asset management is the process of procuring, identifying, tracking, maintaining, and removing software on enterprise assets. Software asset management is a difficult problem for an enterprise of any size. New software is constantly acquired within an enterprise. Software must be maintained, updated, and ultimately uninstalled.

This policy template is meant to supplement the CIS Controls v8. The policy statements included within this document can be used by all CIS Implementation Groups (IGs), but are specifically geared towards Safeguards in Implementation Group 1 (IG1).