Overview #Where to find it in ISOPlanner: https://portal.isoplanner.app/assets/overview
Use the Assets menu in ISOPlanner to describe the assets in your organization.
When you add an asset, you can enter the following basic properties:
- Physical asset checkmark
- One or more tags
- [Premium] Containers that contain this newly created asset
Examples of assets are:
- Customer data
- CRM application
- Server 8
Important: only create assets on a level that you either want to classify as a group or that you want to identify a risk for. In other words, don’t create an asset for a specific laptop – instead create ‘Laptops’ as an asset. If you see specific risico's for a specific type of laptops, say “Developer laptops”, then create those as a separate asset. Then you can also classify those developer laptops in another way.
For instructions on how to manage the list of assets, including on how to search, filter, remove and report, see list actions.
When you edit an asset, you can modify the following extra properties:
Describe your asset in this text field.
Optionally give your asset a unique ID, perhaps referencing the asset registered in another system.
Choose from the following options:
The difference between ‘Active’ and ‘Registered’ is that a registered asset may not actually be in use yet.
The date that the asset was actively taken in use.
The date that the asset was archived – and therefore no longer in use.
The person responsible for the asset.
List on SharePoint
Here you can link a SharePoint list with items for this asset.
Example: create an asset ‘Laptops’ and link a list on SharePoint containing all laptops.
If an asset in not relevant in all activated standards, then use this option to identify for which activated standards the asset is relevant.
Add classifications from a predefined list to the asset. An asset can be classified in several ways. For example, on Confidentiality, Environmental impact or Reputation.
The pane which can be opened on the left contains more information related to asset. For example, in the ‘Library’ tab you can link documents to the asset. That may include a document that describes your asset. If the linked document lives in SharePoint, then you can include the document content in a tab in ISOPlanner with the asset.
List your classification here. They are grouped. A classification group is a topic for which you want to add classifications, like ‘Confidentiality’ or ‘Environment’.
The classification groups as defined here will also be available in the ‘risk analysis’ part of all risico's, with checkmarks to indicate that the risk is related to that topic (‘classification group’).
When adding or editing a classification, the following properties are available.
A numerical value that determines the level of the classification relative to other classifications in the group. For example, in the Confidentiality group the classification ‘Internal’ may have value 1, where the classification ‘Classified’ may have value 2.
An option is provided to change the color of the classification.
A description of the classification for internal use. A rich text editor is available for formatting this description.
You may provide examples of assets with this classification for internal use.
Editing classification groups #
With the ‘Edit group’ button, for a selected classification the following actions are available:
To rename the group.
To remove the entire group. It will also remove all classifications within the group and therefore remove them from any asset that had a classification within the group. It will also remove the classification group from the risk analysis part of all risico's. That means that the information that the classification group was checked as applicable – or not – for all risico's will disappear.