Back to Security Pattern Catalog
: Security Pattern Space
The ability to define an asset's value is a key component of any risk assessment. Threats and vulnerabilities that target and expose an asset are only significant within the context of the asset's value. Without this determination, an enterprise is unable to properly assess the risks posed to its assets.
How can an enterprise determine the overall value of its assets?
Systematically determine the overall value of the assets identified in the scope of the risk assessment. Determine the financial value and security value of assets as well as the impact to business.
An asset valuation is a key component of all widely-accepted risk assessments, including those from NIST, ISO, etc. While they differ slightly in their approach, their purposes and overall goals are consistent.
Security Needs Identification for Enterprise Assets, Vulnerability Assessment
Asset Valuation, Security Association
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz