Assets are one of the most important concepts in Comply. We use the term "Asset" broadly to refer to "any risk-bearing thing you or your auditor might care about." That could be your proprietary applications and databases - the "crown jewels," so to speak. Is your data encrypted at rest?
Does everyone who has access to a system have a business justification for that access?
But your assets could also include your employees (are they receiving appropriate training?), or their devices (what if an employee's phone was stolen, and that phone had 2FA codes on it?). Comply makes it easy to store a unified data model of every asset you care about in one place, and keep them up-to-date with Integrations.
For anyone setting up a new compliance program, the first step is almost always to create an asset inventory, to wrap your head around the surface area of what you need to protect. "You can't protect what you don't know about."
Check out Aptible's Guide to Asset Management
For more on overall asset management and best practices, please find our asset management guide here.
Updated over 2 years ago